maillterr2a.imboxt3erra.dynv6.net Open in urlscan Pro
20.15.107.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://maillterr2a.imboxt3erra.dynv6.net/terra/
Effective URL:
https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Submission: On March 22 via automatic, source phishtank (March 22nd 2024, 5:28:59 pm UTC) — Scanned from DE

Summary HTTP 166 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 21 domains to perform 166 HTTP transactions. The main IP is 20.15.107.238, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is maillterr2a.imboxt3erra.dynv6.net.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.

This is the only time maillterr2a.imboxt3erra.dynv6.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	20.15.107.238 20.15.107.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	208.84.244.97 208.84.244.97	40260 (TERRA-NET...) (TERRA-NETWORKS-MIAMI)
44	2a02:26f0:780... 2a02:26f0:780::5f65:36d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:780... 2a02:26f0:780::5f65:367b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
3	13.224.185.120 13.224.185.120	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	18.245.31.123 18.245.31.123	16509 (AMAZON-02) (AMAZON-02)
2	13.33.221.174 13.33.221.174	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6b8::90 2a02:6b8::90	208398 (TELETECH) (TELETECH)
12	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.86.139.116 185.86.139.116	201081 (SMARTADSE...) (SMARTADSERVER)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
16	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	208.84.244.116 208.84.244.116	40260 (TERRA-NET...) (TERRA-NETWORKS-MIAMI)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	88.221.124.22 88.221.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.164.41 2.16.164.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.53.232.23 23.53.232.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
6	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.19.100.239 2.19.100.239	16625 (AKAMAI-AS) (AKAMAI-AS)
5	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	() ()
1 3	2a02:2638:3::c 2a02:2638:3::c	() ()
166	34

3 20.15.107.238 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

maillterr2a.imboxt3erra.dynv6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 208.84.244.97 (United States)

ASN40260 (TERRA-NETWORKS-MIAMI, US)
PTR: mia-cdn.trrsf.com

s1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a02:26f0:780::5f65:36d3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:367b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.185.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-185-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.221.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-221-174.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208398 (TELETECH, RS)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.84.244.116 (United States)

ASN40260 (TERRA-NETWORKS-MIAMI, US)
PTR: www.terra.com.br

svadata.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 88.221.124.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.164.41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-41.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.232.23 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-232-23.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.100.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-239.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10969-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 517370 p1.trrsf.com — Cisco Umbrella Rank: 492603	408 KB
23	media.net prebid.media.net — Cisco Umbrella Rank: 1716 contextual.media.net — Cisco Umbrella Rank: 1165 warp.media.net — Cisco Umbrella Rank: 3835 lg3.media.net — Cisco Umbrella Rank: 9146 hblg.media.net — Cisco Umbrella Rank: 3179	228 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 204	224 KB
15	trrsf.com.br s1.trrsf.com.br p1.trrsf.com.br — Cisco Umbrella Rank: 944703	568 KB
14	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 371 cdn.adnxs.com — Cisco Umbrella Rank: 2556 fra1-ib.adnxs.com — Cisco Umbrella Rank: 7278 acdn.adnxs.com Failed	91 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 106153 d.tailtarget.com — Cisco Umbrella Rank: 110966 tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 500007 b.t.tailtarget.com — Cisco Umbrella Rank: 82286 t.tailtarget.com — Cisco Umbrella Rank: 39574	47 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 355 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 920 aax.amazon-adsystem.com — Cisco Umbrella Rank: 461	80 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 891 gum.criteo.com mug.criteo.com	8 KB
5	terra.com.br www.terra.com.br — Cisco Umbrella Rank: 262431 svadata.terra.com.br	29 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275	167 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2166	2 KB
3	dynv6.net 1 redirects maillterr2a.imboxt3erra.dynv6.net	6 KB
2	criteo.net static.criteo.net	60 KB
2	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3203	592 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	19 KB
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 745 eus.rubiconproject.com Failed	2 KB
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 2425	448 B
2	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 8596	931 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 264	227 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	300 B
0	rlcdn.com Failed api.rlcdn.com Failed
166	21

	Domain	Requested by
33	s1.trrsf.com	maillterr2a.imboxt3erra.dynv6.net s1.trrsf.com p1.trrsf.com s1.trrsf.com.br
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net maillterr2a.imboxt3erra.dynv6.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	s1.trrsf.com.br	maillterr2a.imboxt3erra.dynv6.net s1.trrsf.com.br
9	contextual.media.net	s1.trrsf.com contextual.media.net maillterr2a.imboxt3erra.dynv6.net
9	p1.trrsf.com	maillterr2a.imboxt3erra.dynv6.net s1.trrsf.com.br s1.trrsf.com
8	fra1-ib.adnxs.com	s1.trrsf.com maillterr2a.imboxt3erra.dynv6.net cdn.adnxs.com
6	lg3.media.net	maillterr2a.imboxt3erra.dynv6.net contextual.media.net
4	hblg.media.net	maillterr2a.imboxt3erra.dynv6.net
4	svadata.terra.com.br	maillterr2a.imboxt3erra.dynv6.net
4	ib.adnxs.com	s1.trrsf.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	prg.smartadserver.com	s1.trrsf.com
3	securepubads.g.doubleclick.net	s1.trrsf.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	s1.trrsf.com c.amazon-adsystem.com
3	maillterr2a.imboxt3erra.dynv6.net	1 redirects s1.trrsf.com.br
2	gum.criteo.com	1 redirects static.criteo.net s1.trrsf.com
2	static.criteo.net	s1.trrsf.com static.criteo.net
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10969-0.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	maillterr2a.imboxt3erra.dynv6.net d.tailtarget.com
2	cdn.adnxs.com	s1.trrsf.com
2	warp.media.net	s1.trrsf.com
2	qsearch-a.akamaihd.net	s1.trrsf.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net
2	p1.trrsf.com.br	maillterr2a.imboxt3erra.dynv6.net
2	fastlane.rubiconproject.com	s1.trrsf.com
2	bidder.criteo.com	s1.trrsf.com
2	s.seedtag.com	s1.trrsf.com
2	prebid.media.net	s1.trrsf.com
2	bs.yandex.ru	s1.trrsf.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	mug.criteo.com
1	t.tailtarget.com
1	86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	sb.scorecardresearch.com	maillterr2a.imboxt3erra.dynv6.net
1	stats.g.doubleclick.net	maillterr2a.imboxt3erra.dynv6.net
1	www.google-analytics.com	maillterr2a.imboxt3erra.dynv6.net
1	tags.t.tailtarget.com	s1.trrsf.com
1	www.terra.com.br	maillterr2a.imboxt3erra.dynv6.net
0	eus.rubiconproject.com Failed	s1.trrsf.com
0	acdn.adnxs.com Failed	s1.trrsf.com
0	api.rlcdn.com Failed	s1.trrsf.com
166	43

This site contains links to these domains. Also see Links.

Domain
servicos.terra.com.br
central.terra.com.br
www.terra.com.br
mail.terra.com.br
www.terrafibra.com.br
www.terraempresas.com.br
terraempresas.com.br
webmail.terraempresas.com.br
www.vivo.com.br
appstore.vivo.com.br
www.loja.vivo.com.br
www.vivomoney.com.br
www.vivogestaodeequipe.com.br
www.vivoplataformadigital.com.br
duvidas.terra.com.br

Subject Issuer	Validity	Valid
maillterr2a.imboxt3erra.dynv6.net R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
terra.com.br Sectigo RSA Organization Validation Secure Server CA	`2023-06-30` - `2024-06-29`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-19` - `2024-12-29`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-03-11` - `2024-09-09`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Frame ID: 14872E62696FC37AE36D62775D46F072
Requests: 103 HTTP requests in this frame

Frame: https://s1.trrsf.com.br/slide-mail/normal_2.html
Frame ID: BE03DA129D3FB2D316F5BA052DF8DB98
Requests: 8 HTTP requests in this frame

Frame: https://86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10E06731627D484E02AD2B16D55D8A33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRQVnPtyG8f3pc7Yur6nHwJBVKzNw1-8spSmfsNyxz8RFJSm5SHmmKpeTjdQww0EaMScvzAzfwB8YIGNrB0nqy8ch7RHyt1BPI449xzkTUjqi1tAHLeDTbMPKPdFc410YTKYpIiveDj57fC1HTt7Ot3bbfCx-dlyh49WALjtPb_ZVwdjvP760nS4Ecef7Lni1PADYTnSlmF2hXdH87bs1F9kKx5jyH28qIWJ_QnOhKTzqG65XoEZWCNrt15FLTyhTPKzFEXvKPo0ahEKYKxUICZUA3-lMr9qMufzOlZxKrdb0zSXV2H1DRH9XeXV-VRoh2wjAbJXaIsVGFtM3aHUZfaRViJ01NvYlPY0oHovh0bmpgOx_0qCcFXzAwVLgw-ynqgeBzCj4xWm756EIsFbmq97fKIcDemao&sig=Cg0ArKJSzFuGBXRfEePkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F314E63EED86A1FD3BBBDBA94646FF14
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvSz2D40gAcUHrfyou_0-6_oSu-8okPE7RTB6NjlWtwegfTa33dtOjEP0MqkfnQ3ilyjP0gd17pmOAhD2cwted6fen5_fOCXTCjnQbl-DKMceN6ruwNuLLEn_DbgA2Ojv15fHibq7wXmcHDuOKbmRuaxbUf82Vd5RDA8LhWO0vmzP2c_rRE7zilIGMX8HWiRqQtXKwoN6WQS_11syy8KUatqAMYnt9l5t7Z0HMzTQcud5nTF1SCJorEFuaC_MZ70iyGullOfiEBPswfHKwlUUSRiLz4eiqzMTQSCmAIh94ttOYQrn5drvvB6YHY_ZlJvaqQSWa7z26CVz-s9o9ScXGevfGrhNVB2CwE8dodBTc19laO8RRwNi_VFVWEe-7OGukPBbFqq7aADa_MNWxkhG4aa4XWX58eHdBWSujEJ3vS&sig=Cg0ArKJSzIOTZWRFGVXNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 30B53CB9AD4B42FB4559A1FDD48329F2
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2678&&kkdd=*u%7C3%7CHn*A9&Qw=GyGGGMBN07N7)0y0)7)&h-cp=G&tOcb=E&W-Q=GGBN&DOWF=1))7&Ww-=BqR7MSRB!&WcW-=)-8qdvmjNq2K6Fy6R7J5.~%3D%3D&Wpw-=)0)NN0M07&OwrF=0EE9MNE&WW=g!&OW=A!&WYJt=A~LSuj(&cw-=Bsu)2yS3_&Dcw-=evNNyMN&YDDcO=G&ppp=DrLfY1W.f1B_lyWCax0rGFVf)!yjQIWBW_5_wj3Jl8AB(u5f6j*VzQJrxh-rB5xu.8nWFcwlQAh4e)bdwStRzOIQ8wJQm!.F&JOF=N&.U=G&Ih-=)&b-DG=BqRAN!j)B&b-DM=GEG700NG)&l-bDb=ol9x.FJ%3DGMNEolYc%3DEolw-%3DEk0GEol9xbJWFODCp%3DEf0XMEf)ol9xbOJ%3D0GGE0ol9xF9c%3DEol9xhwJOI%3DEol9xwJDt-%3DEol9xpY%3D)yg!ncTBAHol9xpcW%3DEEEEEGEol9xOwrF%3D0EE9MNEol9xDtb9%3DBNol9xDt.xOIaaw9%3D%2FoWwDV%3Dj!Rj_vLqA!joW6xa.%3DEo-W%3DhWcfFIfUFODGflo-ttx-G%3DEo-ttx-GE%3DEo-ttx-GM%3DGo-ttx-G)%3DEo-ttx-GN%3DGo-ttx-G7%3D0o-ttx-Gy%3DEo-ttx-GB%3D0Eo-ttx-M%3Deo-ttx-MG%3DfGo-ttx-MM%3DEkE7o-ttx-M)%3DNo-ttx-MN%3D-Fax-Fao-ttx-MB%3DNo-ttx-M*%3DEkEEo-ttx-0%3DEo-ttx-0E%3DEo-ttx-0M%3DEo-ttx-00%3DEo-ttx-07%3Dj~o-ttx-0y%3Deo-ttx-)%3DEEo-ttx-)E%3DEo-ttx-)M%3DEo-ttx-)0%3DEo-ttx-))%3DcpC-o-ttx-)N%3DEo-ttx-)7%3DLo-ttx-NG%3DEo-ttx-NM%3DEkEEo-ttx-N7%3DEo-ttx-y%3DEo-ttx-B%3DEo-ttx.%3DEkE70o-ttxtG%3DEkG0)o-ttxtGE%3DGkEEEo-ttxtGG%3DEk**Bo-ttxtGM%3DEk0NNo-ttxtG0%3DGkEEEo-ttxtG)%3DGkEEEo-ttxtGN%3DEk**0o-ttxtG7%3DEkG00o-ttxtM%3DEkGy7o-ttxtMG%3DGkEEEo-ttxtM0%3DGkEEEo-ttxtM)%3DGkEEEo-ttxtMN%3DGkEEEo-ttxtM*%3DGkEEEo-ttxt0%3DGkEEEo-ttxt0E%3DGkEEEo-ttxt0)%3DGkEEEo-ttxt0N%3DGkEEEo-ttxt07%3DGkEEEo-ttxt0*%3DGkEEEo-ttxt)E%3DGkEEEo-ttxt)0%3D7kBBMo-ttxtN%3DGkEEEo-ttxtNG%3DGkEEEo-ttxtNM%3DEk0N)o-ttxtN0%3DEkGyBo-ttxtN)%3DNkEEEo-ttxtNN%3DGkEEEo-ttxtNy%3DGkEEEo-ttxt7%3DGkEEEo-ttxty%3DEk0NNo-ttxty0%3DGkEEEo-ttxty)%3DGkEEEo-ttxt*%3DGkEEEo-ttxp%3DEkMG)oFxpct%3DEkG0)oFpct%3DEkG0)oYW%3DE%20%2B%20EowYb%3DEowDVcF%3D~ssj!dR5othw%3DG)NEyE*EopxWW%3Dg!opxwc%3DMGykGG)kMGBkEopxOW%3DjvoplC%3DNx0opFaxWJD%3DEoOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOD-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoQlp%3DEoQwOwlw.wDV%3DEoWl-c%3DEkGGGowDVcFxw-%3DG7oOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOIcc.VxDbhxw-%3DG)NEyE*EoQwFUblw.wDV%3DEk0N)MN0ocCO%3DEoWbppwFpv-%3DEoChlw-%3DEk0GEEEEola.p%3DEkEEEoOIw-%3Do-DW%3DFIxlFo-ttxFpct%3Dab.OFo-tt%3DYbptCJVol-cWbc-%3DEo-b.h%3DIJwOCJGBowJO.%3DEoOClc%3DoYDt.%3DGo-WID%3D7No-Chl%3DEfGowlW%3DGooJOr%3DGoDhO%3D0EE9MNEolOl%3DGolOc%3DfGoDt9%3DB7ot9l6D%3DE&JDQ=E&wU=0EE&wJvap=G&l-pv-=)7M&lw-=0NE70N&tWa=7BM0y&V-Ocp=G&6bDcpF=G&6bDlw-=fGE0&Wb-CtbwJ=DrLfY1W.f1fpc7S0W9VvB!HSL)h_)f6UpCxbrTyS5!R%3D&Vc.c=G&wOw-=N&b-Q=SV%20HFOD%205FbpWYFO&bWD=sHvJH)9jrjKpba9)IjH9ah909aja%2F~rbja~&chw-=cEyMEyB)M*NDMEM)E0MMGyMB&OO.-=%7B%22OOwc%22%3A%22MGykGG)kMGBkE%22%2C%22OOWW%22%3A%22g!%22%2C%22OOOW%22%3A%22jv%22%2C%22OOWDV%22%3A%22tFFplFW6%22%7D&YDt.OpW=G&sflct=8110349&ure=1
Frame ID: 637C7D8C6B73E290575EEAFA039CC64C
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: F1FB43550146436B5D7534E9B6E427E5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C229%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 38F2E83411E927CA10D1A1B2E889D35F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=3u%7CH%7Cn*9A&JF=YfYYY(sW758(7(UYUU8&)an!=Y&3tnL=i&IaJ=YYsW&EtI6=wUU5&IFa=smB5(NBs9&InIa=UajmpxDuWm-db6fbB5hcGS%3D%3D&I!Fa=YWWWYU(U5&tF46=8fiA(Wi&II=K9&tI=29&Iyh3=2SrN1uV&nFa=s.1WcwveU&EnFa=vWfx9im&yEEnt=Y&!!!=E4rOywIGOwsoTfIlCR74Y6XOU9fuJPIsIocoFuQhTj2sV1cObu8X0Jh4R)a4scR1GjeI6nFTJ2)kvULpFN3B0tPJjFhJD9G6&ht6=W&Gq=Y&P)a=U&LaEY=smB2W9uUs&LaE(=YiY577WYU&TaLEL=zTARG6h%3DY(57zTyn%3DizTFa%3DiMY5izTARLhI6tEl!%3DiO7_(iOUzTARLth%3D7YYi7zTAR6An%3DizTAR)FhtP%3DizTARFhE3a%3DizTAR!y%3DUfK9enZs2~zTAR!nI%3DiiiiiYYzTARtF46%3D8fiA(WizTARE3LA%3DsizTARE3GRtPCCFA%3D%2FzIFEX%3Du9Buoxrm29uzIbRCG%3DizaI%3D)InO6POq6tEYOTza33RaY%3Diza33RaYi%3Diza33RaY(%3DYza33RaYU%3Diza33RaYW%3DYza33RaY5%3D7za33RaYf%3Diza33RaYs%3DWiza33RaY8%3DYiiiza33Ra(%3Dvza33Ra(Y%3DOYza33Ra((%3DiMi5za33Ra(U%3DWza33Ra(W%3Da6CRa6Cza33Ra(s%3DWza33Ra(8%3DiMiiza33Ra7%3Diza33Ra7i%3Diza33Ra7(%3Diza33Ra77%3Diza33Ra75%3DuSza33Ra7f%3Dvza33RaU%3DYiza33RaUi%3Diza33RaU(%3Diza33RaU7%3Diza33RaUU%3Dn!laza33RaUW%3Diza33RaU5%3Drza33RaWY%3Diza33RaW(%3DiMiiza33RaW5%3Diza33Raf%3Diza33Ras%3Diza33RG%3DiMi5Wza33R3Y%3DiMi5Wza33R3Yi%3DYMiiiza33R3YY%3DiM8f7za33R3Y(%3DiM7WYza33R3Y7%3DYMiiiza33R3YU%3DYMiiiza33R3YW%3DiM88Uza33R3Y5%3DiMYiYza33R3(%3DiMYsUza33R3(Y%3DYMiiiza33R3(7%3DYMiiiza33R3(U%3DYMiiiza33R3(W%3DYMiiiza33R3(8%3DYMiiiza33R37%3DYMiiiza33R37i%3DYMiiiza33R37U%3DYMiiiza33R37W%3DYMiiiza33R375%3DYMiiiza33R378%3DYMiiiza33R3Ui%3DYMiiiza33R3W%3DYMiiiza33R3WY%3DYMiiiza33R3W(%3DiMWs7za33R3W7%3DYMiiiza33R3WU%3DWMiiiza33R3WW%3DYMiiiza33R3Wf%3DYMiiiza33R35%3DYMiiiza33R3f%3DiM7WYza33R3f7%3DYMiiiza33R3fU%3DYMiiiza33R38%3DYMiiiza33R!%3DiMYiYz6R!n3%3DiMi5Wz6!n3%3DiMi5WzyI%3Di%20%2B%20izFyL%3DizFEXn6%3DS..u9pBcz3)F%3DYUWifisYz!RII%3DK9z!RFn%3D(YfMYYUM(YsMiz!RtI%3Duxz!Tl%3DWR7z!6CRIhE%3Dizt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztEa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LzJT!%3DizJFtFTFGFEX%3DizITan%3DiMiUUzFEXn6RFa%3DY5zt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztPnnGXREL)RFa%3DYUWifisYzJF6qLTFGFEX%3DiMWs(5Y7znlt%3DizIL!!F6!xa%3Dizl)TFa%3DiMY5iiiizTCG!%3DiMiiiztPFa%3DzaEI%3D6PRT6za33R6!n3%3DCLGt6za33%3DyL!3lhXzTanILna%3DizaLG)%3DPhFtlhY(zFhtG%3DiztlTn%3DzyE3G%3DYzaIPE%3Dfizal)T%3DiOYzFTI%3DYzzht4%3DYzE)t%3D8fiA(WizTtT%3DYzTtn%3DOYzE3A%3Ds7z3ATbE%3Di&hEJ=i&Fq=8fi&FhxC!=Y&Ta!xa=U5(&TFa=7U8i57&3IC=5s(7f&Xatn!=Y&bLEn!6=Y&bLETFa=OYi7&ILal3LFh=E4rOywIGOwO!n5N7IAXxs9~NrU)oUObq!lRL4ZfNc9B%3D&XnGn=Y&FtFa=W&LaJ=NX%20~6tE%20c6L!Iy6t&LIE=.~xCd%2FSh!6d6%2F!4uuu!AhUSLPhuPu7%2F~~4%2F&n)Fa=nif(ifsU(8WE(i(Ui7((Yf(s&ttGa=%7B%22ttFn%22%3A%22(YfMYYUM(YsMi%22%2C%22ttII%22%3A%22K9%22%2C%22tttI%22%3A%22ux%22%2C%22ttIEX%22%3A%22366!T6Ib%22%7D&yE3Gt!I=Y&sflct=8353880&ure=1
Frame ID: 6E0840FC1A04084BB744688B469E9647
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 8BC7A8344A5FE6B5CA5693E6DD5B627C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C229%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 45E15CE0D3444E0FAEEF72980DF31D9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02FD21C815661DEA4829660171F7842E
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=maillterr2a.imboxt3erra.dynv6.net
Frame ID: CE089E63BA7C1248F9910FAA76404709
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D5E18B1BCC958AE261C7F11E309E219F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 015730E6465D8EEAB5D12129EFBBCB5B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2E8F6F49D25C3BD0EA96D926CDBD8AF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terra Mail

Page URL History Show full URLs

https://maillterr2a.imboxt3erra.dynv6.net/terra/ HTTP 302
https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

166
Requests

96 %
HTTPS

39 %
IPv6

21
Domains

43
Subdomains

34
IPs

6
Countries

1940 kB
Transfer

5112 kB
Size

28
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20servicos&utm_content=barra%20de%20servicos&utm_term=barra%20de%20servicos&cdConvenio=CVTR00001907
Title: Conheça nossos serviços 0800 777 1234

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/login?utm_source=terra&utm_medium=barra%20ds&utm_campaign=central%20do%20assinante&utm_content=central%20do%20assinante&utm_term=central%20do%20assinante&cdConvenio=CVTR00001907
Title: Atendimento ao cliente 0800 777 9797

Search URL Search Domain Scan URL

URL: http://www.terra.com.br/
Title: Ir para a página inicial

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/cursos-online/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=cursos20online&utm_content=novopulldown&utm_term=para20voce20pos201&cdConvenio=CVTR00001820
Title: Cursos Online

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/curso-de-ingles/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=curso20de20ingles&utm_content=novopulldown&utm_term=para20voce20pos202&cdConvenio=CVTR00001820
Title: Curso de Inglês

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=pulldown&utm_campaign=mail20gigante&utm_content=novopulldown&utm_term=para20voce20pos203&cdConvenio=CVTR00001820
Title: Mail Gigante

Search URL Search Domain Scan URL

URL: https://mail.terra.com.br/
Title: Acesse seu-email

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/antivirus/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=antivirus&utm_content=novopulldown&utm_term=para20voce20pos201&cdConvenio=CVTR00001820
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/assistencia-tecnica/?utm_source=terra&utm_medium=pulldown&utm_campaign=assistencia&utm_content=novopulldown&utm_term=para20voce20pos205&cdConvenio=CVTR00001820
Title: Assistência

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/backup/?utm_source=terra&utm_medium=pulldown&utm_campaign=backup&utm_content=novopulldown&utm_term=para20voce20pos206&cdConvenio=CVTR00001820
Title: Backup

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/revistas-goread/?utm_source=terra&utm_medium=pulldown&utm_campaign=revistas20go20read&utm_content=novopulldown&utm_term=para20voce20pos207&cdConvenio=CVTR00001820
Title: Revistas Goread

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/musica-napster/promo/em-casa/?utm_source=terra&utm_medium=pulldown&utm_campaign=musica20by20napster&utm_content=novopulldown&utm_term=para20voce20pos208&cdConvenio=CVTR00001820
Title: Música by Napster

Search URL Search Domain Scan URL

URL: https://www.terrafibra.com.br/?utm_source=terra&utm_medium=barra20ds&utm_campaign=terra20fibra&utm_content=novopulldown&utm_term=para20voce20pos209&cdConvenio=CVTR00001820
Title: Terra Fibra

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/construtor-sites/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=construtor20de20sites&utm_content=novopulldown&utm_term=para20sua20empresa20pos201&cdConvenio=CVTR00001820
Title: Construtor de Sites

Search URL Search Domain Scan URL

URL: https://terraempresas.com.br/construtor-sites/promo/terra-faz-para-voce/?utm_source=&utm_medium=pulldown&utm_campaign=site20pronto&utm_content=novopulldown&utm_term=para20sua20empresa20pos202&cdConvenio=CVTR00001820
Title: Site Pronto | O Terra faz pra você

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=loja20virtual&utm_content=novopulldown&utm_term=para20sua20empresa20pos203&cdConvenio=CVTR00001820
Title: Loja Virtual

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/terra-faz-para-voce/?utm_source=terra&utm_medium=pulldown&utm_campaign=loja20pronta&utm_content=novopulldown&utm_term=para20sua20empresa20pos204&cdConvenio=CVTR00001820
Title: Loja Pronta | O Terra faz pra você

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/dominio/?utm_source=terra&utm_medium=pulldown&utm_campaign=dominio&utm_content=novopulldown&utm_term=para20sua20empresa20pos205&cdConvenio=CVTR00001820
Title: Domínio

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/hospedagem-site/?utm_source=terra&utm_medium=pulldown&utm_campaign=hospedagem20de20sites&utm_content=novopulldown&utm_term=para20sua20empresa20pos206&cdConvenio=CVTR00001820
Title: Hospedagem de Sites

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/email-profissional/?utm_source=terra&utm_medium=pulldown&utm_campaign=e-mail20profissional&utm_content=novopulldown&utm_term=para20sua20empresa20pos207&cdConvenio=CVTR00001820
Title: E-mail Profissional

Search URL Search Domain Scan URL

URL: https://webmail.terraempresas.com.br/
Title: Acesse seu-email profissional

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/seguranca-digital/?utm_source=terra&utm_medium=pulldown&utm_campaign=antivirus&utm_content=novopulldown&utm_term=para20sua20empresa20pos208&cdConvenio=CVTR00001820
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/terra-ads/?utm_source=terra&utm_medium=pulldown&utm_campaign=terra20ads&utm_content=novopulldown&utm_term=para20sua20empresa20pos209&cdConvenio=CVTR00001820
Title: Terra Ads

Search URL Search Domain Scan URL

URL: https://www.vivo.com.br/

Search URL Search Domain Scan URL

URL: https://appstore.vivo.com.br/sc/br/vivostore
Title: Conheça os apps da Vivo

Search URL Search Domain Scan URL

URL: https://www.loja.vivo.com.br/
Title: Celulares e acessórios

Search URL Search Domain Scan URL

URL: https://www.vivomoney.com.br/
Title: Vivo Money

Search URL Search Domain Scan URL

URL: https://www.vivogestaodeequipe.com.br/Site
Title: Vivo Gestão de Equipes

Search URL Search Domain Scan URL

URL: https://www.vivo.com.br/para-empresas/produtos-e-servicos/digitais/iot
Title: Vivo M2M | IOT

Search URL Search Domain Scan URL

URL: https://www.vivoplataformadigital.com.br/cms/pt
Title: Vivo Cloud

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/?utm_source=terra&utm_medium=pulldown&utm_campaign=central20do20assinante&utm_content=novopulldown&cdConvenio=CVTR00001820
Title: Central do Assinante

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/boleto-simplificado
Title: 2º via de boleto

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/
Title: Perguntas Frequentes

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/tutoriais
Title: Tutoriais

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/atendimento
Title: Fale com o Terra

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/blog/?utm_source=terra&utm_medium=pulldown&utm_campaign=blog20terra20empresas&utm_content=banner_novopulldown&cdConvenio=CVTR00001820

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/construtor-sites/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=construtor%20de%20sites&utm_content=construtor%20de%20sites&utm_term=cabeceira%20pos%201&cdConvenio=CVTR00001907
Title: Construtor de Sites

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=mail%20gigante&utm_content=mail%20gigante&utm_term=cabeceira%20pos%202&cdConvenio=CVTR00001907
Title: Mail Gigante

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=loja%20virtual&utm_content=loja%20virtual&utm_term=cabeceira%20pos%203&cdConvenio=CVTR00001907
Title: Loja Virtual

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/cursos-online/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=cursos%20online&utm_content=cursos%20online&utm_term=cabeceira%20pos%204&cdConvenio=CVTR00001907
Title: Cursos Online

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/antivirus/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=antivirus&utm_content=antivirus&utm_term=cabeceira%20pos%205&cdConvenio=CVTR00001907
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/curso-de-ingles/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=curso%20de%20ingles&utm_content=curso%20de%20ingles&utm_term=cabeceira%20pos%206&cdConvenio=CVTR00001907
Title: Curso de Inglês

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/hospedagem-site/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=hospedagem%20de%20sites&utm_content=hospedagem%20de%20sites&utm_term=cabeceira%20pos%207&cdConvenio=CVTR00001907
Title: Hospedagem de Sites

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/email-profissional/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=e-mail%20profissional&utm_content=e-mail%20profissional&utm_term=cabeceira%20pos%207&cdConvenio=CVTR00001907
Title: E-mail Profissional

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/assistencia-tecnica/promo/dia-a-dia/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=assistencia&utm_content=assistencia&utm_term=cabeceira%20pos%209&cdConvenio=CVTR00001907
Title: Assistência

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/terra-ads/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20ads&utm_content=terra%20ads&utm_term=cabeceira%20pos%208&cdConvenio=CVTR00001907
Title: Terra Ads

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/musica-napster/promo/milhoes-de-musicas/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20musica&utm_content=terra%20musica&utm_term=cabeceira%20pos%2011&cdConvenio=CVTR00001907
Title: Terra Música

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/dominio/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=dominio&utm_content=dominio&utm_term=cabeceira%20pos%2012&cdConvenio=CVTR00001907
Title: Domínio

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/revistas-goread/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=revistas%20go%20read&utm_content=revistas%20go%20read&utm_term=cabeceira%20pos%2013&cdConvenio=CVTR00001907
Title: Revistas - GoRead

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/backup/promo/promocao-1tb/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=backup%20pf&utm_content=backup%20pf&utm_term=cabeceira%20pos%2014&cdConvenio=CVTR00001907
Title: Backup

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=mail%20gigante&utm_content=banner%20barra%20ds&utm_term=display&cdConvenio=CVTR00001907

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=terra%20mail&utm_campaign=terra%20servicos&utm_content=assine&utm_term=desktop&cdConvenio=CVTR00001824
Title: Assine

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/?utm_source=terra-mail&utm_medium=espaco-fixo&utm_campaign=link&utm_content=pg&utm_term=servicos-terra&cdConvenio=CVTR00001824
Title: Serviços Terra

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/login?/?utm_source=terra-mail&utm_medium=espaco-fixo&utm_campaign=link_terra-mail&utm_content=pg&utm_term=central-do-assinante&cdConvenio=CVTR00001824
Title: Central do assinante

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/produtos/frequente/31/terra-mail/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://www.terra.com.br/avisolegal/terra-mail-gigante/
Title: Condições de uso

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/esqueci-minha-senha
Title: Esqueci minha senha

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/duvidas/2197/qual-o-tempo-de-armazenamento-das-mensagens/
Title: Clique e confira o tempo para cada pasta »

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://maillterr2a.imboxt3erra.dynv6.net/terra/ HTTP 302
https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 164

https://gum.criteo.com/sid/json?origin=publishertag&domain=imboxt3erra.dynv6.net&sn=ChromeSyncframe&so=0&topUrl=maillterr2a.imboxt3erra.dynv6.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LO5GAHxSdlV6clBiaXBBb0x6aklEU0tMREN2MllYNUswaHZUZXkyR1dWcVF1NUwvVmNWK1NCMWo4cytqSVRzTnFXc1FDTElrSnF6S3p5TkZvV1d5YTk0TUFsUm5RYlkzMmdycTJQZUFKSDJCMjlRR2dIR251RlhKOUVLS3U2THVsVDNqMEh3NE5wek1PQU1LbkFMcUVGZXcwNU4vdGdFUGhSL0RwTWVoam5CL3RtRzV1Q3FscXVCYTZsa0R3MEVTV3BIV0ZTandmOEhGL0lObjluM3duWVVnQkhJODZWdEJ0NmNkOGx1V2xlQ0VzRkVFczh0b003NWF4dFpjdkNzb2VSNFllK1pWeFRPM0RGR25UbGx0ZkdmdEc3cUxkM29ScSt4VXVESFJ2Q2pGZlUxST18&cppv=2

166 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request terra.php Show response
maillterr2a.imboxt3erra.dynv6.net/terra/
Redirect Chain

https://maillterr2a.imboxt3erra.dynv6.net/terra/
https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

16 KB
5 KB

109ms
109ms

Document
text/html

20.15.107.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.15.107.238 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 61b7324118b3e3a2d3146e82daa175edbe0533632093f53added63f3d0b906e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5087
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Mar 2024 17:28:51 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Mar 2024 17:28:51 GMT
Keep-Alive: timeout=5, max=100
Location: terra.php?random=28947
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 core.css
s1.trrsf.com.br/terramail/capa/terra/_css/ 24 KB
5 KB 2991ms
132ms Stylesheet
text/css 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/core.css
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Tue, 24 Nov 2015 12:38:17 GMT
server: Terra Web Server
vary: Accept-Encoding, Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: text/css
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 context2.css
s1.trrsf.com.br/terramail/capa/terra/_css/ 24 KB
6 KB 3122ms
263ms Stylesheet
text/css 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Wed, 18 Jan 2017 17:38:16 GMT
server: Terra Web Server
vary: Accept-Encoding, Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: text/css
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 navbar.css
s1.trrsf.com/fe/zaz-app-navbar/_css/ 67 KB
10 KB 310ms
53ms Stylesheet
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-app-navbar/_css/navbar.css
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:51 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:31 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 9847

GET
H2 200 jquery-3.5.1.min.js Show response
s1.trrsf.com.br/terramail/_js/ 87 KB
30 KB 3125ms
266ms Script
application/javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Mon, 08 Jun 2020 15:30:40 GMT
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 zaz.inline.min.js Show response
s1.trrsf.com/fe/zaz-cerebro/prd/scripts/ 3 KB
1 KB 315ms
58ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true?v=5
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:51 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 14:05:07 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1069

GET
H2 200 login_sync.js Show response
s1.trrsf.com.br/terramail/_js/ 9 KB
2 KB 3122ms
264ms Script
application/javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/terramail/_js/login_sync.js
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: 946eb995c70a4877c4e5b4ae1d6fe72973c93fb55e93e8ac999aa4cf784e8533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Tue, 15 Sep 2020 10:39:05 GMT
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 mod-manager.min.js Show response
s1.trrsf.com/fe/zaz-mod-manager/ 43 KB
12 KB 306ms
50ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: fd038a3b5887a7211da38f300f043f190119b3d194cccbfc109d10d41ea42a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:51 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 18:57:04 GMT
server: Terra Web Server
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11560

GET
H2 200 script Show response
p1.trrsf.com/cengine/igniter/ 4 KB
2 KB 301ms
50ms Script
text/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 4a894b0c4a2f4c3fff8bc316a7ad3527f61464b0f7b70d211fefbf52e0b765ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:51 GMT
content-encoding: gzip
x-igniter-uuid: 3e8e7556-a07e-403d-80fd-cef1cdd8df9d
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=30, stale-while-revalidate=60, stale-if-error=864000
content-length: 1473

GET
H2 200 content.js Show response
s1.trrsf.com.br/metrics/js/br/ 233 B
501 B 3121ms
264ms Script
application/javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/metrics/js/br/content.js
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: eb784ac3d8f6b7e1af85aaf341a248344a9dd8ef874442fc3db40efda6ce9d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Mon, 09 May 2022 19:16:11 GMT
server: Terra Web Server
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=60, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 zaz.min.js Show response
s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/ 347 KB
84 KB 71ms
70ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 0f959222ac5827d10e5cb09093bde3ff4c7e0fcdcb2e0e06c8e39a0e3983ed36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 14:05:07 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 85279

GET
H/1.1 404
Not Found index.php Show response
maillterr2a.imboxt3erra.dynv6.net/mail/ 296 B
512 B 108ms
108ms XHR
text/html 20.15.107.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://maillterr2a.imboxt3erra.dynv6.net/mail/index.php?r=site/login&format=json
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.15.107.238 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: edc6a89c64d41073eb96c33e359a1f33b22e50b9056d0d92350a36dfa58f04f8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 17:28:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 296
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 zaz.inline.min.js Show response
s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/ 3 KB
1 KB 56ms
55ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true
Requested by: Host: p1.trrsf.com
URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 14:05:07 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1069

GET
H2 200 terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 6 KB
3 KB 311ms
48ms Image
image/svg+xml 2a02:26f0:780::5f65:367b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:367b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mt-cache: STALE
strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Mar 2024 17:28:54 GMT
x-cdnterra-cache-status: HIT
content-length: 2774
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 202203110000a.js Show response
s1.trrsf.com/metrics/inc/br/ 83 KB
25 KB 51ms
51ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/metrics/inc/br/202203110000a.js
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/content.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 348b67f2de749b5738ecd616db955265833e209759167e23c17054c0fbd6549e

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 13:18:10 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=60, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 25176

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 352 KB
30 KB 90ms
22ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/metrics/inc/br/202203110000a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 3940a2bf06afd3626a18a1adc9f89ffa8bf90dceac97952e4b72293da528673d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:57:12 GMT
content-encoding: gzip
via: 1.1 google
age: 5502
x-guploader-uploadid: ABPtcPqRBKcAo7g8wroCmF-MYVI9s37ROWSAuoU7xEotksibk4mghHhpWfVx8bKebz92hetibpHJqR0Sog
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30122
last-modified: Fri, 15 Mar 2024 12:30:04 GMT
server: nginx/1.8.1
etag: "f4a4342f76592a26aa48e1b5f8871efd"
vary: Accept-Encoding
x-goog-generation: 1710505804269516
x-goog-hash: md5=9KQ0L3ZZKiaqSOG1+Ice/Q==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 30122
accept-ranges: bytes
expires: Fri, 22 Mar 2024 17:57:12 GMT

GET
H2 200 ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 65ms
64ms Image
image/gif 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/terramail/capa/terra/_img/ttl-general.gif
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Fri, 06 Aug 2010 18:13:55 GMT
server: Terra Web Server
x-cdnterra-cache-status: MISS
content-type: image/gif
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 4952

GET
H2 200 klavika
p1.trrsf.com/image/ 2 KB
2 KB 189ms
189ms Image
image/gif 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.trrsf.com/image/klavika?c=sh&t=acesse%20seu%20terra%20mail
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Mon, 10 Jul 2023 19:01:41 GMT
server: Terra Web Server
vary: Accept
x-cdnterra-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
content-length: 2126
expires: Sun, 10 Jul 2033 19:01:41 GMT

GET
H2 200 btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 57ms
57ms Image
image/gif 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/terramail/capa/terra/_img/btn-terramail_v2.gif
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Fri, 06 Aug 2010 18:13:55 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 4958

GET
H2 200 normal_2.html Show response
s1.trrsf.com.br/slide-mail/ Frame BE03 19 KB
3 KB 133ms
133ms Document
text/html 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: a2a07c6ecbecbc2a84021c2b2ee1502483b401523a6b6bb6f5f709aa5bd1f720

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, stale-while-revalidate=900, stale-if-error=864000
content-encoding: br
content-type: text/html
date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Tue, 05 Mar 2024 19:30:17 GMT
server: Terra Web Server
vary: Accept-Encoding Accept-Encoding
x-cdnterra-cache-status: HIT

GET
H2 200 ico-general.png
s1.trrsf.com/atm/3/core/_img/ 8 KB
8 KB 60ms
60ms Image
image/png 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/atm/3/core/_img/ico-general.png
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Tue, 24 Jan 2023 18:50:45 GMT
server: cloudflare-nginx
x-cdnterra-cache-status: HIT
content-type: image/png
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 8240

GET
H2 200 txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 55ms
55ms Image
image/jpeg 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/terramail/capa/terra/_img/txt-armazenamento-msg.jpg
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/terramail/capa/terra/_css/context2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
last-modified: Fri, 06 Aug 2010 18:13:55 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 5112

GET
H2 200 collect
www.google-analytics.com/ 35 B
300 B 70ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j41&a=354052031&t=pageview&_s=1&dl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&ul=en-us&de=UTF-8&dt=Terra%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=CGAAgEABG~&jid=1620555981&cid=475755074.1711128535&tid=UA-54936151-1&cd1=comunidad&cd2=email&cd3=&cd4=comunidades&cd5=300263&cd6=home&cd7=cap&cd8=Direct%20Load&cd9=terra&cd10=N&cd11=&cd12=&cd14=&cd15=br&cd16=&cd17=&cd18=&cd19=&cd20=https%3A%2F%2Fs1.trrsf.com%2Fmetrics%2Finc%2Fbr%2F202203110000a.js&cd21=T&cd22=desktop&cd23=&cd34=&cd35=&cd40=&cd41=&cd44=us%3Amail&cd48=&z=1805314551

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:17:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69108
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
337 B 85ms
29ms Image
image/gif 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j41&tid=UA-54936151-1&cid=475755074.1711128535&jid=1620555981&_u=CGAAgEABG~&z=1965841664

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Mar 2024 17:28:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 79ms
21ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1711128534835&ns_c=UTF-8&c8=Terra%20Mail&c7=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&c9=
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: uZfWecAbQL_AJwGyqPBfY0-PBT2F3w6dlENM-BKQajIudpjhYgAJTg==
x-cache: Miss from cloudfront

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 7 KB
3 KB 48ms
47ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.setup&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: e2759ae13ee76196b834eb8481f6631370d0bbf8c08ba2dfb0c40e6957a3e0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: 1e2dfc05-1e92-44b4-a21b-8e8ce7ee18b8
content-length: 2572

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 5 KB
1 KB 53ms
52ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.cabeceira&area=cabeceira&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 76c2b9a887e2be6c58753422ddc93663051846fcd9955f7a82e9318a9eb4b076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: c72863c0-e5f3-4996-a81e-f3a8fc611f25
content-length: 1190

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 5 KB
1 KB 53ms
53ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.terra_mail.home.s1&area=s1&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 562003ec2a8e3f8395e2b490fb8ee1bf321c5c6d0e9edd1f0c3e8ef89fa2d82c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:54 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: c8782cd7-282d-4a22-8859-6c39af3d67be
content-length: 1169

GET
H2 200 jquery.js Show response
s1.trrsf.com.br/slide-mail/js/ Frame BE03 92 KB
31 KB 140ms
139ms Script
application/javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/slide-mail/js/jquery.js
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: f4270cd8aaa654b7ff6c695b82ce3f8b19464e05ac2f889612c8dd5c54c54936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
last-modified: Wed, 04 Dec 2013 19:23:08 GMT
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 jquery.sudoSlider.min.js Show response
s1.trrsf.com.br/slide-mail/js/ Frame BE03 12 KB
5 KB 271ms
270ms Script
application/javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/slide-mail/js/jquery.sudoSlider.min.js
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: a5dc8ebb7a2dbe62e6c45ad27873474b89dfdb5d5c633e2eecae08bad0dcce6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
last-modified: Wed, 04 Dec 2013 19:23:08 GMT
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000

GET
H2 200 DS844_Pecas_MailGigante_BN-618x226_v2_HL.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame BE03 36 KB
36 KB 272ms
271ms Image
image/jpeg 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com.br/slide-mail/img/banner/DS844_Pecas_MailGigante_BN-618x226_v2_HL.jpg
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: 62aead83b721830f4ae3ea138ca2bcdae8a7b9c69d1b921834c3a8088ba4d2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
last-modified: Fri, 21 Jul 2023 15:12:02 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 36673

GET
H2 200 DS975_KV_NBA_BN_Home-618x226_V1_RN.png
s1.trrsf.com.br/slide-mail/img/banner/ Frame BE03 164 KB
164 KB 272ms
272ms Image
image/png 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com.br/slide-mail/img/banner/DS975_KV_NBA_BN_Home-618x226_V1_RN.png
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: a7e24f0533599f142ce5fa24301b330a5bb8546cdbebca6a885196e80f5e5a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
last-modified: Tue, 05 Mar 2024 19:30:13 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/png
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 167448

GET
H2 200 Contabilidade_Home_Terra_Mail-618x226.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame BE03 34 KB
35 KB 265ms
264ms Image
image/jpeg 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com.br/slide-mail/img/banner/Contabilidade_Home_Terra_Mail-618x226.jpg
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: 99e6be2e6f35c44979f78f70cb06a47b84150d0d8e9945fce11b9665b4a085f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
last-modified: Wed, 18 Oct 2023 19:22:02 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 35276

GET
H2 200 DS840_Pecas_TerraMail_CentralAssinante_Gestao_618x226_V0_VP.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame BE03 76 KB
77 KB 266ms
266ms Image
image/jpeg 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com.br/slide-mail/img/banner/DS840_Pecas_TerraMail_CentralAssinante_Gestao_618x226_V0_VP.jpg
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: 3dff9efd4a6d72287b4d30593d1592b349cd42eeda64ce35af90dc46d90166eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
last-modified: Tue, 30 May 2023 14:12:06 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 78048

GET
H2 200 DS749_Banner_Online_CURSOS_BN-618x226_v2_HL.jpg
s1.trrsf.com.br/slide-mail/img/banner/ Frame BE03 121 KB
121 KB 268ms
268ms Image
image/jpeg 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com.br/slide-mail/img/banner/DS749_Banner_Online_CURSOS_BN-618x226_v2_HL.jpg
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/slide-mail/normal_2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: Terra Web Server /
Resource Hash: 2bdc242f8afad2131cb05e2e3288c34d1f6a677452331c1f5b478193f754b9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com.br/slide-mail/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
last-modified: Fri, 21 Jul 2023 15:12:02 GMT
server: Terra Web Server
x-cdnterra-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
accept-ranges: bytes
content-length: 123631

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 6 KB
1 KB 494ms
389ms Fetch
application/json 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.navbar&component=mod.aps&component=mod.gpt&component=mod.prebid&country=br&env=prod&format=json&group=web&scheme=https&standalone=true%3Fv%3D5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 1e5047e5dbbf23c54dc88d0941cb9e4b6886c0a210d46504ba9891d4d9dd1192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 915
x-includer-uuid: 5d3eff15-279d-4548-8481-0863c129d78c

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 301 KB
75 KB 100ms
23ms Script
application/javascript 13.224.185.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.185.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-185-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fed25c522546f1b2e83ec7d466da2382d7ebac5c10ce2d77605b2796f3572eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:50:48 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 21:31:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2288
x-amz-server-side-encryption: AES256
etag: W/"3bc15e34b43d9d067b221c136d54b522"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: vWro4Ly77VnR_ATf_R2i4Wy-cXqvinh5AgCfr2tkNG3YA8-2CUfIMw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 133ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e77d4f8d5482bf993e6e1ab83e9b8d44cbdf31b7852059d34afa5614f9e015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28982
x-xss-protection: 0
server: cafe
etag: 421 / 19804 / m202403190101 / config-hash: 12040102121385795711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 17:28:55 GMT

GET
H2 200 prebid.js Show response
s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/ 323 KB
95 KB 49ms
49ms Script
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 189d97907f24a96a47f040fbdacb4f930d1ff41675ac96b659d2cb3eb607d095

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
last-modified: Fri, 26 Jan 2024 18:05:08 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 96534

GET
H2 200 zaz.inline.min.js Show response
s1.trrsf.com/fe/zaz-cerebro/prd/scripts/ 3 KB
2 KB 57ms
56ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true%3Fv%3D5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: gzip
last-modified: Mon, 08 Jan 2024 14:05:07 GMT
server: Terra Web Server
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1198

GET
H2 200 zazstandalone.min.css Show response
s1.trrsf.com/update-1674586315/fe/zaz-morph/_css/ 15 KB
3 KB 56ms
55ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586315/fe/zaz-morph/_css/zazstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e3c16773695082bff1986622d1321bfe386d2855789da8136527d4cb76c0dc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:55 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2460

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
19ms XHR
application/javascript 13.224.185.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.185.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-185-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 04:14:24 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 47672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: AUe9kdVIr509uXbM2i0IUVEtbJ9Zm_bIic-s9KXEhWVWU2WoEBPcPQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 438 KB
138 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 10:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24621
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141049
x-xss-protection: 0
server: cafe
etag: 7927512453849819874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 22 Mar 2025 10:38:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 78 B
91 B 93ms
51ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=maillterr2a.imboxt3erra.dynv6.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21396c6e3b051e5d6f443dd75bd113c0d5381dd7b29f183acbd4b1cc5376602b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
x-xss-protection: 0
expires: Fri, 22 Mar 2024 17:28:55 GMT

GET
H2 200 navbarstandalone.min.css Show response
s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_css/ 66 KB
10 KB 76ms
76ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_css/navbarstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 9aa7e7037c03e20ffa24aa11807553d1fb0de02cde3fbe30090aa046fac24760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:31 GMT
server: Terra Web Server
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10311

GET
H2 200 app-navbar.standalone.min.js Show response
s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_js/ 92 KB
17 KB 70ms
70ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586291/fe/zaz-app-navbar/_js/app-navbar.standalone.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 663f70e65e2eb7f65ebe67512f26aba6633027a184560dc0727ecc3f50fb96af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:31 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 17015

GET
H2 200 bc92a28d-5a18-4ea4-9491-626e7826c69c Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 78ms
19ms Script
application/javascript 18.245.31.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-123.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1c121844f01c8abb42eb2dfe4273e2b43b69269484c79290af05dfdc1d71f501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:37:19 GMT
via: 1.1 1feab8d6a8e5cc920c359b62fd33d3de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 3096
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: AGBHS2ctbPNIE1twgyIa5k60v6kJupRVsZIwl53Ngnpbj1YaZR-x1A==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
321 B 22ms
22ms XHR
text/plain 13.224.185.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.185.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-185-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:43 GMT
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 11
x-cache: Hit from cloudfront
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: A-JVn5dhdiU9aUSoGhYkJOvYN-Sw7d6X07iZteP_HDHQGlSqsTyiQw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
368 B 221ms
150ms XHR
text/javascript 13.33.221.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&pid=A0XDh339KdKQO&cb=0&ws=1600x1200&v=24.319.2210&t=2000&slots=%5B%7B%22sd%22%3A%22mod-footer%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221272x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.221.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-221-174.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: e6IT5DWJG6E_Pf3jJWAh0b9seuKOqPuQn_mveFrTMiu2yolxN7elKw==

POST
H2 403 3612118 Show response
bs.yandex.ru/prebid/ 27 B
470 B 362ms
72ms XHR
text/html 2a02:6b8::90
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=maillterr2a.imboxt3erra.dynv6.net&ssp-id=10500
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 17:28:56 GMT
x-yandex-req-id: 1711128536249841-1688436228673612941900298-production-app-host-vla-pcode-404
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Fri, 22 Mar 2024 17:28:56 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 338ms
272ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

de5911c4093cf65affd59f74aa43dae5c6f24146b0ba192431289b8374c9b9d4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: 7d376410-1715-480b-b8d0-d815e9dae2af
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
583 B 362ms
118ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
736 B 190ms
130ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: eea45956474d526490902b9c13527ff50bacb0a3a8e0a056abbbb791e454d3bd

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 17:28:56 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
10 KB 309ms
244ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

859897c8a33945c743702dbb90ba0526319dfcf548b16dcc033bfb1448237626

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
an-x-request-uuid: 7f2d4c04-a8ab-44ce-a0e7-46c95d6f95ce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
383 B 201ms
150ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 197ms
131ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=22453383690&lsavail=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
date: Fri, 22 Mar 2024 17:28:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 545 B
911 B 207ms
36ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&kw=TerraMailGigante%2CE-mailcomantispam%2CE-mailcomantivirus%2CE-mailcomsuporte%2CE-mailcomsuportetelefonico%2CE-mailprotegido%2CE-mailcomacessoseguro%2Cemail%2Cwebmail%2Cantivirus%2Cantispam&tg_v.viewport=s1&tg_v.testfloor=false&tg_v.connection=4g&tg_v.fledge=false&tg_i.domain=maillterr2a.imboxt3erra.dynv6.net&tg_i.page=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&tg_i.adunit=br_terra_mail%2Fhome%2Fcabeceira&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&tk_flint=pbjs_lite_v7.54.5&x_source.tid=b6429d2e-d7d2-4f85-9e3f-0d9d53febcd5&l_pb_bid_id=17982c2a4682ee9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b6429d2e-d7d2-4f85-9e3f-0d9d53febcd5&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&slots=1&rand=0.17870063190665997
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 071b5baf0748a6a8a8e11834af2fd7f4690bc454c64a73b01df37d3d2a07dec5

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 545
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
371 B 200ms
149ms XHR
text/javascript 13.33.221.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&pid=A0XDh339KdKQO&cb=1&ws=1600x1200&v=24.319.2210&t=2000&slots=%5B%7B%22sd%22%3A%22adv-right%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.mail%2Fhome%2Fs1%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.221.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-221-174.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:55 GMT
via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ARB__-E0fmPBIwhUSM7RwZRoy7qdKaIEirJj9i6D4krPnkA4uQMDCA==

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 234ms
195ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
389 B 179ms
132ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: bd7ec13059eb5147ccde9f83ad77e8c2c13922d69264aa1d2ab5022bc5a13c52

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 17:28:56 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
10 KB 259ms
208ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

87858c782a7467b170eba7e3adb99b0e244ff3acef532827a97e0a040713f2d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
an-x-request-uuid: 79c7aeb3-1ef4-467b-b4c8-12ab7a5d46f6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
212 B 171ms
116ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=13549630223&lsavail=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
date: Fri, 22 Mar 2024 17:28:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
6 KB 313ms
263ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

85d421f008d25fcb90dba7afcbff1383e695a8aec87653e1ec74d1e01fe09aad

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
an-x-request-uuid: 34fec0f7-92f8-4bc2-bb2d-65c6bf7e6de6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
583 B 289ms
74ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
583 B 272ms
47ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:55 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 403 3612118 Show response
bs.yandex.ru/prebid/ 27 B
461 B 341ms
70ms XHR
text/html 2a02:6b8::90
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=maillterr2a.imboxt3erra.dynv6.net&ssp-id=10500
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 17:28:56 GMT
x-yandex-req-id: 1711128536249217-1067491770571494494400352-production-app-host-vla-pcode-552
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 509 B
1 KB 193ms
33ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=15&rf=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&kw=TerraMailGigante%2CE-mailcomantispam%2CE-mailcomantivirus%2CE-mailcomsuporte%2CE-mailcomsuportetelefonico%2CE-mailprotegido%2CE-mailcomacessoseguro%2Cemail%2Cwebmail%2Cantivirus%2Cantispam&tg_v.viewport=s1&tg_v.testfloor=false&tg_v.connection=4g&tg_v.fledge=false&tg_i.domain=maillterr2a.imboxt3erra.dynv6.net&tg_i.page=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&tg_i.adunit=br_terra_mail%2Fhome%2Fs1&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.mail%2Fhome%2Fs1&tk_flint=pbjs_lite_v7.54.5&x_source.tid=2324ab05-58e8-4cd8-9986-6827d0acb02a&l_pb_bid_id=34ab9369e9b0f4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2324ab05-58e8-4cd8-9986-6827d0acb02a&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fs1&slots=1&rand=0.45742723740942237
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 88d51e3e9ab81a94877ac752acb88bbc9d0b5a045be8b027e09e3718e3dedfff

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 509
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 652 B
855 B 256ms
117ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1798310732479405&correlator=2603146478825986&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1211%2Cbr.terra.mail%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsbs=1&ists=1&eri=1&sc=1&abxe=1&dt=1711128535967&lmt=1711128535&adxs=0&adys=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vis=1&psz=1600x434&msz=1600x0&fws=0&ohw=0&ga_vid=170044403.1711128536&ga_sid=1711128536&ga_hid=354052031&ga_fc=false&dlt=1711128531299&idt=4590&prev_scp=testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse&adks=3225428632&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a675a6920c13fce10dc4569f215fb781cbd955219c304553c7b62d854fe6c694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10E0 6 KB
3 KB 188ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 17:28:56 GMT
expires: Sat, 22 Mar 2025 17:28:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 3 KB
732 B 86ms
86ms Fetch
application/json 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.navBar&component=mod.globalStorage&component=mod.stalker&country=br&env=prod&format=json&group=web&scheme=https&standalone=true%3Fv%3D5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 12babe247baab793f01ca219842013d73c438a5fed0c0889a5396afc1c54f5c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 507
x-includer-uuid: 944154ce-7407-4a7b-90a9-648215fa87fe

GET
H2 200 zaz-globalstorage-min.js Show response
s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/ 40 KB
12 KB 44ms
44ms Fetch
application/x-javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/zaz-globalstorage-min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:47 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11522

GET
H2 200 mod-stalker.min.js Show response
s1.trrsf.com/update-1707912444/fe/zaz-mod-stalker/_js/ 23 KB
7 KB 47ms
46ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1707912444/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 5f3fe6682c31fbff40aa193c0d3554e2e69c800e40ad758ab6783ce184d8b4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
last-modified: Wed, 14 Feb 2024 12:07:24 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6418

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 50 KB
19 KB 182ms
181ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1798310732479405&correlator=726991764033167&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1211%2Cbr.terra.mail%2Chome%2Cs1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&fsbs=1&eri=1&sc=1&abxe=1&dt=1711128536294&lmt=1711128536&adxs=333&adys=446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vis=1&psz=320x0&msz=300x0&fws=4&ohw=970&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=170044403.1711128536&ga_sid=1711128536&ga_hid=354052031&ga_fc=false&dlt=1711128531299&idt=4590&prev_scp=viewport%3Ds1%26refresh%3D0%26testfloor%3Dfalse%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D300x250%26hb_pb_projectagora%3D0.01%26hb_adid_projectagora%3D3928296f973799b%26hb_bidder_projectago%3Dprojectagora%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.07%26hb_adid_appnexus%3D35124bb1156b137%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.07%26hb_adid%3D35124bb1156b137%26hb_bidder%3Dappnexus&adks=3904963271&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

618d53e93c8d89a321615fad5da731d8466ee2c5b06478d6e7ea19fae5edba5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19464
x-xss-protection: 0
google-lineitem-id: 5182858318
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288643331
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 50 KB
19 KB 213ms
213ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1798310732479405&correlator=1871792396297854&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1211%2Cbr.terra.mail%2Chome%2Ccabeceira&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1272x250&ifi=3&sfv=1-0-40&fsbs=1&eri=1&sc=1&abxe=1&dt=1711128536304&lmt=1711128536&adxs=436&adys=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=170044403.1711128536&ga_sid=1711128536&ga_hid=354052031&ga_fc=false&dlt=1711128531299&idt=4590&prev_scp=viewport%3Ds1%26refresh%3D0%26testfloor%3Dfalse%26connection%3D4g%26fledge%3Dfalse%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26pr%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D37ce32011c8e5f9%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.03%26hb_adid%3D37ce32011c8e5f9%26hb_bidder%3Dappnexus&adks=3023070111&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25c87a8baa88fc684b19e41a017f6a1d17d30d7d14ec93511d3e0b4c4bdced9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19483
x-xss-protection: 0
google-lineitem-id: 5183171759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288578823
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/ 18 KB
19 KB 47ms
46ms Font
application/octet-stream 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/opensans-regular.woff2
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Origin: https://maillterr2a.imboxt3erra.dynv6.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Tue, 24 Jan 2023 18:51:56 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18708

GET
H2 200 logo_terraServicos.svg
svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/logos/ 11 KB
4 KB 1012ms
269ms Image
image/svg+xml 208.84.244.116
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/logos/logo_terraServicos.svg

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.84.244.116 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),

Reverse DNS

www.terra.com.br

Software

Resource Hash

5ccf5111a2cbcf008839254bfa2b13e2562eb3d98752b3b302f16ce3cbf50914

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mt-cache: HIT
date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 26 Aug 2020 17:40:08 GMT
content-type: image/svg+xml
cache-control: max-age=3600
expires: Fri, 22 Mar 2024 17:51:47 GMT

GET
H2 200 logo_terraEmpresas.svg
svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/logos/ 10 KB
4 KB 1013ms
270ms Image
image/svg+xml 208.84.244.116
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/logos/logo_terraEmpresas.svg

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.84.244.116 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),

Reverse DNS

www.terra.com.br

Software

Resource Hash

a60554ac1f86291468a90aa99fdc3ee46fc5d39f2670cd646f0caf708b7d73c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mt-cache: HIT
date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 26 Aug 2020 17:40:08 GMT
content-type: image/svg+xml
cache-control: max-age=3600
expires: Fri, 22 Mar 2024 17:51:47 GMT

GET
H2 200 vivinho-pequeno_v4.svg
svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/ 3 KB
2 KB 1012ms
269ms Image
image/svg+xml 208.84.244.116
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/vivinho-pequeno_v4.svg?v=2

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.84.244.116 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),

Reverse DNS

www.terra.com.br

Software

Resource Hash

5d970b83432bf2f958098a7ab5df58a7329c26fd9fe5d6c63eb854a12b332ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mt-cache: EXPIRED
date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Dec 2020 18:04:10 GMT
content-type: image/svg+xml
cache-control: max-age=3600
expires: Fri, 22 Mar 2024 18:09:06 GMT

GET
H2 200 banner-ds_v1.png
svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/ 16 KB
16 KB 878ms
135ms Image
image/png 208.84.244.116
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://svadata.terra.com.br/svabar-navbar/zaz-navbar-desk/banner-ds_v1.png

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.84.244.116 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),

Reverse DNS

www.terra.com.br

Software

Resource Hash

6ef271b5f7a300d3a082f8f55656f1ae2c169097d0cc5478d69dd5f31f4044ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mt-cache: MISS
date: Fri, 22 Mar 2024 17:28:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 17:04:12 GMT
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 16469
expires: Tue, 25 Feb 2031 12:11:37 GMT

GET
H2 200 TER_274_Novas_Pecas_Campanha_Construtor_Banner_273x40_V1_VP.gif
p1.trrsf.com.br/image/fget/cf/0/0/0/0/0/0/svadata.terra.com.br/svabar-navbar/promotags/img/ 34 KB
34 KB 425ms
165ms Image
image/webp 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.trrsf.com.br/image/fget/cf/0/0/0/0/0/0/svadata.terra.com.br/svabar-navbar/promotags/img/TER_274_Novas_Pecas_Campanha_Construtor_Banner_273x40_V1_VP.gif
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 25757a06c79fa8159f621f785b1b052016b65be2f1994ce7346b22af4aa18ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Wed, 17 Feb 2021 19:10:15 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 34464

GET
H2 200 TER_184_Campanha_Email_Gigante_Banner_273x40_Promo_V2_VP.gif
p1.trrsf.com.br/image/fget/cf/0/0/0/0/0/0/svadata.terra.com.br/svabar-navbar/promotags/img/ 19 KB
20 KB 477ms
218ms Image
image/webp 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.trrsf.com.br/image/fget/cf/0/0/0/0/0/0/svadata.terra.com.br/svabar-navbar/promotags/img/TER_184_Campanha_Email_Gigante_Banner_273x40_Promo_V2_VP.gif
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 7e815e3d30d0653579141531e789a4bb6f47854db0f8c3b446373c44a7cd2087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Mon, 30 Nov 2020 16:18:09 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 19744

GET
H2 200 opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/ 10 KB
10 KB 59ms
59ms Font
application/octet-stream 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/opensans-semibold-webfont.woff2
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Origin: https://maillterr2a.imboxt3erra.dynv6.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Tue, 24 Jan 2023 18:51:56 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10404

GET
H2 200 ubuntu-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/ubuntu/ 29 KB
29 KB 52ms
52ms Font
application/octet-stream 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-morph/fonts/ubuntu/ubuntu-regular.woff2
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 5b54b663a68ab50eec6da294a8aa6b06e57b619c26bc12d7d7fa2c3701f913e0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Origin: https://maillterr2a.imboxt3erra.dynv6.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Tue, 24 Jan 2023 18:51:56 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 29800

GET
H2 200 opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/ 10 KB
10 KB 46ms
45ms Font
application/octet-stream 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/opensans-bold-webfont.woff2
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Origin: https://maillterr2a.imboxt3erra.dynv6.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
last-modified: Tue, 24 Jan 2023 18:51:56 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10304

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F314 0
0 100ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRQVnPtyG8f3pc7Yur6nHwJBVKzNw1-8spSmfsNyxz8RFJSm5SHmmKpeTjdQww0EaMScvzAzfwB8YIGNrB0nqy8ch7RHyt1BPI449xzkTUjqi1tAHLeDTbMPKPdFc410YTKYpIiveDj57fC1HTt7Ot3bbfCx-dlyh49WALjtPb_ZVwdjvP760nS4Ecef7Lni1PADYTnSlmF2hXdH87bs1F9kKx5jyH28qIWJ_QnOhKTzqG65XoEZWCNrt15FLTyhTPKzFEXvKPo0ahEKYKxUICZUA3-lMr9qMufzOlZxKrdb0zSXV2H1DRH9XeXV-VRoh2wjAbJXaIsVGFtM3aHUZfaRViJ01NvYlPY0oHovh0bmpgOx_0qCcFXzAwVLgw-ynqgeBzCj4xWm756EIsFbmq97fKIcDemao&sig=Cg0ArKJSzFuGBXRfEePkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame F314 23 KB
9 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 17:21:28 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F314 26 KB
10 KB 85ms
37ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6179
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lga21962-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fi7TGqJ33XnuI2XX71PMD8yXsayNd3Vx9jiG70QsFLoISVu4hKqVDAW3e5nKfpD2ewtruS9neaIWYnSIdAy8%2FLV3fTu0Qj0%2BURTejha0xaXt5jNNc2ysbv2n5RTcDxeU%2B2Af20grpI1hzARe3fI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8687e6a9ad4a5ca4-FRA

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F314 206 KB
62 KB 61ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 18:21:28 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 30B5 0
0 78ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvSz2D40gAcUHrfyou_0-6_oSu-8okPE7RTB6NjlWtwegfTa33dtOjEP0MqkfnQ3ilyjP0gd17pmOAhD2cwted6fen5_fOCXTCjnQbl-DKMceN6ruwNuLLEn_DbgA2Ojv15fHibq7wXmcHDuOKbmRuaxbUf82Vd5RDA8LhWO0vmzP2c_rRE7zilIGMX8HWiRqQtXKwoN6WQS_11syy8KUatqAMYnt9l5t7Z0HMzTQcud5nTF1SCJorEFuaC_MZ70iyGullOfiEBPswfHKwlUUSRiLz4eiqzMTQSCmAIh94ttOYQrn5drvvB6YHY_ZlJvaqQSWa7z26CVz-s9o9ScXGevfGrhNVB2CwE8dodBTc19laO8RRwNi_VFVWEe-7OGukPBbFqq7aADa_MNWxkhG4aa4XWX58eHdBWSujEJ3vS&sig=Cg0ArKJSzIOTZWRFGVXNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 30B5 23 KB
9 KB 80ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 17:21:28 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 30B5 26 KB
9 KB 68ms
42ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6179
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lga21962-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esOUwnkqNd%2Fjo0dfRZHqilKyjAtyBJzKmx4T2au1AzoLVbsZyoW5ScSJ1K6v%2BuN9AynSmpcyoHm5V8iERUfWZpLSTKsTunf1kMjNc2TLVpYHgrJ2XJxuPBUqA9PPvnbzRs27XQUrlShVRKRujIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8687e6a9ad4b5ca4-FRA

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 30B5 206 KB
62 KB 47ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 18:21:28 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame F314 100 KB
38 KB 137ms
52ms Script
text/javascript 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cb5e0f5b9a14a2bd158f57fd095b43e9c28874ef0ca20ca884bb03252258d736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mnt-h: 22-5h9m
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 22 Mar 2024 17:28:56 GMT
server: Apache
etag: "93b4fbbd8f4312229a3fd8419030c4a5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38373
expires: Fri, 22 Mar 2024 17:33:56 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame F314 35 B
296 B 105ms
21ms Image
image/gif 2.16.164.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=b51a78893f9e5e2486090218259e6c05&algo=unison18&bdp=0.3100&bidfp=0.0000&capd=0&cc=DE&cid=8CUH5EN48&crid=101633514&ct=meerbeck&dc=eu_be&dfpbd=0.1116&dn=maillterr2a.imboxt3erra.dynv6.net&iwb=1&ogcbdp=0.3100&other_bids=0.31&other_prv=462&pbshr=100.0000&prdp=0.1116&requrl=maillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%2F&sat=1&sc=NI&sc_pvid=462&send_erpm=true&server=1&size=300x250&strg=harmony&totalTime=2371260&ugd=4&ver=9.6.6&cliIP=-646784512&time_stamp=2024-03-22%2017%3A28%3A56&seat=462&itype=appnexus&req_id=2452385996414765632&dim4=exploration&dfp_bucket=0.1&level_base=0&bdp_bucket=0.3&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&br_ver=122.0.6261.128&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_appn_2-cid_1&ogerpm=0.0000&ogerpm_used=false&rawbid=0.3100&totalTimeBucket=2&as_cache=0&sub_bidder=0&current_day=5.0&current_hour=17&cut=64&floor_bucket=0.00&model_version=202402151400_generic_appn_2-cid_1&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.3500&stid=14507090&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=0&predicted_wr=14.5773&bdp_wider_bucket=1&splid=14507090&dim10=false&dmm_m9=0.0000&dmm_m10=617563&log_less=false&cut_bkt=65&dmm_d36=NA&advurl=mybestsearches.com%2F&dmm_d10=0.0000&dmm_d22=0.06&bdmm_m5=1.0000&bdmm_m6=1.0000&bdmm_m7=0.3550&bdmm_m12=0.3550&dmm_l=0.2140&dmm_r=0.2140&e_rpm=0.1340&bdr_typ=2&url_l1=terra&url_l2=terra.php&clisp=rtb-common-65577c8dc8-v96hx.BE&dmm_m1=2024-03-22%2017%3A28%3A56.175394709&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_format=DEFAULT&gpid=14507090&gpid_sent=true&pst=EMS&bcrid=486661670&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-7d896dd948-wwpnv&rel_cut_bkt=65&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame F314 72 KB
25 KB 187ms
33ms Script
application/javascript 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 22 Mar 2024 17:28:56 GMT
x-guploader-uploadid: ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Fri, 22 Mar 2024 18:28:56 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/243/ Frame F314 80 KB
28 KB 110ms
27ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/243/trk.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires: Thu, 06 Mar 2025 13:25:27 GMT
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1397010
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21945-LGA, cache-fra-etou8220024-FRA
Last-Modified: Wed, 06 Mar 2024 13:23:40 GMT
Server: AkamaiNetStorage
X-Timer: S1711128537.714601,VS0,VE0
ETag: "8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 1167096

GET
H2 200 it
fra1-ib.adnxs.com/ Frame F314 0
969 B 41ms
24ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fmaillterr2a.imboxt3erra.dynv6.net%252Fterra%252Fterra.php%253Frandom%253D28947&e=wqT_3QL_BOh_AgAAAwDWAAUBCNj_9q8GEIurpaOOybmPGRgAKjYJgCxEh8CRvD8RAlpL5RNQtD8ZAAAAYGZm5j8hAg0SACkRJPTEATEAAADgUbiePzDSuPUGOPpPQJUJSGBQpryH6AFYs8FrYABo2LOGAXjs1wWAAQGKAQNVU0SSAQNCUkyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMjQ1MjM4NTk5NjQxNDc2NTYzMl9zYmlkGhMxODEwMTM3MzAwOTkzNjYwMjk5Igk0ODY2NjE2NzAqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEpryH6AGIBQGYBQCgBcCUx8OggqiEIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPxYPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAE2FQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfs1wXSBw0JEScBJgzaBwYIBQm44AcA6gcCCADwB-GXAooIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=94fc5d34b24f2211d0123df298df561d80720cad

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: 15d9b5ef-99f1-40ee-b1f5-7fefe09088c3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 30B5 100 KB
38 KB 162ms
82ms Script
text/javascript 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eabfc86cdbab00f4e22509bf746ad775a0b8fb353e55a2fdc9eb1dad1c033238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-mnt-h: 22-5h9m
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 22 Mar 2024 17:28:56 GMT
server: Apache
etag: "93b4fbbd8f4312229a3fd8419030c4a5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38374
expires: Fri, 22 Mar 2024 17:33:56 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 30B5 35 B
296 B 103ms
23ms Image
image/gif 2.16.164.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=a40c54527fe50ede2a7b9bd43b5cec04&algo=unison12&bdp=0.1600&bidfp=0.0000&capd=0&cc=DE&cid=8CUH5EN48&crid=101633514&ct=meerbeck&dc=eu_be&dfpbd=0.0448&dn=maillterr2a.imboxt3erra.dynv6.net&iwb=1&ogcbdp=0.1600&other_bids=0.16&other_prv=462&pbshr=100.0000&prdp=0.0448&requrl=maillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%2F&sat=1&sc=NI&sc_pvid=462&send_erpm=true&server=1&size=970x250&strg=harmony&totalTime=3994389&ugd=4&ver=9.6.6&cliIP=-646784512&time_stamp=2024-03-22%2017%3A28%3A56&seat=462&itype=appnexus&req_id=3717733390181311443&dim4=exploration&dfp_bucket=0.0&level_base=0&bdp_bucket=0.15&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&br_ver=122.0.6261.128&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_appn_2-cid_1&ogerpm=0.0000&ogerpm_used=false&rawbid=0.1600&totalTimeBucket=3&as_cache=0&sub_bidder=0&current_day=5.0&current_hour=17&cut=72&floor_bucket=0.00&model_version=202402151400_generic_appn_2-cid_1&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.5800&stid=14507081&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=0&predicted_wr=4.1463&bdp_wider_bucket=1&splid=14507081&dim10=false&dmm_m9=0.0000&dmm_m10=1269580&log_less=false&cut_bkt=70&dmm_d36=NA&advurl=mybestsearches.com%2F&dmm_d10=0.0000&dmm_d22=0.06&bdmm_m5=1.0000&bdmm_m6=1.0000&bdmm_m7=0.3510&bdmm_m12=0.3510&dmm_l=0.1010&dmm_r=0.1010&e_rpm=0.0650&bdr_typ=2&url_l1=terra&url_l2=terra.php&clisp=rtb-common-6ff4d9c958-v74ff.BE&dmm_m1=2024-03-22%2017%3A28%3A56.195578742&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_format=DEFAULT&gpid=14507081&gpid_sent=true&pst=EMS&bcrid=435408724&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-7d896dd948-nfljw&rel_cut_bkt=70&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 30B5 72 KB
25 KB 208ms
57ms Script
application/javascript 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 22 Mar 2024 17:28:56 GMT
x-guploader-uploadid: ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Fri, 22 Mar 2024 18:28:56 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/243/ Frame 30B5 80 KB
28 KB 97ms
19ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/243/trk.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires: Thu, 06 Mar 2025 13:25:27 GMT
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1397009
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21945-LGA, cache-fra-etou8220101-FRA
Last-Modified: Wed, 06 Mar 2024 13:23:40 GMT
Server: AkamaiNetStorage
X-Timer: S1711128537.711504,VS0,VE0
ETag: "8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 1097334

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 30B5 0
969 B 37ms
37ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fmaillterr2a.imboxt3erra.dynv6.net%252Fterra%252Fterra.php%253Frandom%253D28947&e=wqT_3QL-BOh-AgAAAwDWAAUBCNj_9q8GEJXP-omhz6WmJhgAKjYJx7q4jQbwpj8RXnKSnAJPoD8ZAAAAQOF6AEAhXg0SACkRJPTyATEAAACgmZnJPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjC2wSAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMzcxNzczMzM5MDE4MTMxMTQ0M19zYmlkGhMyNzU5NzQ2MTIyNjkwNzY2NzQxIgk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF08f22qLagswzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwtsE0gcNCQAAAAABLhwQABgA2gcGCAUJuOAHAOoHAggA8AfhlwKKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=f8eb6e897dff59827147067c40f4f50e23721765

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: bb3b2dab-4c17-4918-bb82-ada6007b3c5a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 10 KB
1 KB 72ms
70ms Fetch
application/json 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.menuNavbar&component=mod.userNavigation&component=mod.xRequest&country=br&env=prod&format=json&group=web&scheme=https&standalone=true%3Fv%3D5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 29eebdc70407f985205302ac77f68545c06766a6031748e920f5643a63fc1470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 979
x-includer-uuid: dfff184a-0591-4715-ae3f-9539d9df4ad2

GET
H2 200 mod-user-navigation.min.js Show response
s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/ 2 KB
1 KB 45ms
45ms Fetch
application/x-javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/mod-user-navigation.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:55 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 862

GET
H2 200 mod-xrequest.min.js Show response
s1.trrsf.com/update-1674586315/fe/zaz-mod-xrequest/_js/ 19 KB
5 KB 45ms
45ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586315/fe/zaz-mod-xrequest/_js/mod-xrequest.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: aa3b66cc46e7b15d1cdf78e3dc02b9088bc39ed3f230eec1e0678e7e3dd6488b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:55 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5199

GET
H2 200 sizesstandalone.min.css Show response
s1.trrsf.com/update-1674586307/fe/zaz-mod-icons/_css/ 852 B
474 B 112ms
112ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586307/fe/zaz-mod-icons/_css/sizesstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 60030481be95c8052a5043bd0ebb13ef16e6254b6e86b8dfe5001590cfafc681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:47 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 165

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 637C 64 KB
25 KB 389ms
389ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2678&&kkdd=*u%7C3%7CHn*A9&Qw=GyGGGMBN07N7)0y0)7)&h-cp=G&tOcb=E&W-Q=GGBN&DOWF=1))7&Ww-=BqR7MSRB!&WcW-=)-8qdvmjNq2K6Fy6R7J5.~%3D%3D&Wpw-=)0)NN0M07&OwrF=0EE9MNE&WW=g!&OW=A!&WYJt=A~LSuj(&cw-=Bsu)2yS3_&Dcw-=evNNyMN&YDDcO=G&ppp=DrLfY1W.f1B_lyWCax0rGFVf)!yjQIWBW_5_wj3Jl8AB(u5f6j*VzQJrxh-rB5xu.8nWFcwlQAh4e)bdwStRzOIQ8wJQm!.F&JOF=N&.U=G&Ih-=)&b-DG=BqRAN!j)B&b-DM=GEG700NG)&l-bDb=ol9x.FJ%3DGMNEolYc%3DEolw-%3DEk0GEol9xbJWFODCp%3DEf0XMEf)ol9xbOJ%3D0GGE0ol9xF9c%3DEol9xhwJOI%3DEol9xwJDt-%3DEol9xpY%3D)yg!ncTBAHol9xpcW%3DEEEEEGEol9xOwrF%3D0EE9MNEol9xDtb9%3DBNol9xDt.xOIaaw9%3D%2FoWwDV%3Dj!Rj_vLqA!joW6xa.%3DEo-W%3DhWcfFIfUFODGflo-ttx-G%3DEo-ttx-GE%3DEo-ttx-GM%3DGo-ttx-G)%3DEo-ttx-GN%3DGo-ttx-G7%3D0o-ttx-Gy%3DEo-ttx-GB%3D0Eo-ttx-M%3Deo-ttx-MG%3DfGo-ttx-MM%3DEkE7o-ttx-M)%3DNo-ttx-MN%3D-Fax-Fao-ttx-MB%3DNo-ttx-M*%3DEkEEo-ttx-0%3DEo-ttx-0E%3DEo-ttx-0M%3DEo-ttx-00%3DEo-ttx-07%3Dj~o-ttx-0y%3Deo-ttx-)%3DEEo-ttx-)E%3DEo-ttx-)M%3DEo-ttx-)0%3DEo-ttx-))%3DcpC-o-ttx-)N%3DEo-ttx-)7%3DLo-ttx-NG%3DEo-ttx-NM%3DEkEEo-ttx-N7%3DEo-ttx-y%3DEo-ttx-B%3DEo-ttx.%3DEkE70o-ttxtG%3DEkG0)o-ttxtGE%3DGkEEEo-ttxtGG%3DEk**Bo-ttxtGM%3DEk0NNo-ttxtG0%3DGkEEEo-ttxtG)%3DGkEEEo-ttxtGN%3DEk**0o-ttxtG7%3DEkG00o-ttxtM%3DEkGy7o-ttxtMG%3DGkEEEo-ttxtM0%3DGkEEEo-ttxtM)%3DGkEEEo-ttxtMN%3DGkEEEo-ttxtM*%3DGkEEEo-ttxt0%3DGkEEEo-ttxt0E%3DGkEEEo-ttxt0)%3DGkEEEo-ttxt0N%3DGkEEEo-ttxt07%3DGkEEEo-ttxt0*%3DGkEEEo-ttxt)E%3DGkEEEo-ttxt)0%3D7kBBMo-ttxtN%3DGkEEEo-ttxtNG%3DGkEEEo-ttxtNM%3DEk0N)o-ttxtN0%3DEkGyBo-ttxtN)%3DNkEEEo-ttxtNN%3DGkEEEo-ttxtNy%3DGkEEEo-ttxt7%3DGkEEEo-ttxty%3DEk0NNo-ttxty0%3DGkEEEo-ttxty)%3DGkEEEo-ttxt*%3DGkEEEo-ttxp%3DEkMG)oFxpct%3DEkG0)oFpct%3DEkG0)oYW%3DE%20%2B%20EowYb%3DEowDVcF%3D~ssj!dR5othw%3DG)NEyE*EopxWW%3Dg!opxwc%3DMGykGG)kMGBkEopxOW%3DjvoplC%3DNx0opFaxWJD%3DEoOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOD-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoQlp%3DEoQwOwlw.wDV%3DEoWl-c%3DEkGGGowDVcFxw-%3DG7oOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOIcc.VxDbhxw-%3DG)NEyE*EoQwFUblw.wDV%3DEk0N)MN0ocCO%3DEoWbppwFpv-%3DEoChlw-%3DEk0GEEEEola.p%3DEkEEEoOIw-%3Do-DW%3DFIxlFo-ttxFpct%3Dab.OFo-tt%3DYbptCJVol-cWbc-%3DEo-b.h%3DIJwOCJGBowJO.%3DEoOClc%3DoYDt.%3DGo-WID%3D7No-Chl%3DEfGowlW%3DGooJOr%3DGoDhO%3D0EE9MNEolOl%3DGolOc%3DfGoDt9%3DB7ot9l6D%3DE&JDQ=E&wU=0EE&wJvap=G&l-pv-=)7M&lw-=0NE70N&tWa=7BM0y&V-Ocp=G&6bDcpF=G&6bDlw-=fGE0&Wb-CtbwJ=DrLfY1W.f1fpc7S0W9VvB!HSL)h_)f6UpCxbrTyS5!R%3D&Vc.c=G&wOw-=N&b-Q=SV%20HFOD%205FbpWYFO&bWD=sHvJH)9jrjKpba9)IjH9ah909aja%2F~rbja~&chw-=cEyMEyB)M*NDMEM)E0MMGyMB&OO.-=%7B%22OOwc%22%3A%22MGykGG)kMGBkE%22%2C%22OOWW%22%3A%22g!%22%2C%22OOOW%22%3A%22jv%22%2C%22OOWDV%22%3A%22tFFplFW6%22%7D&YDt.OpW=G&sflct=8110349&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

de62fb428dc202256cde552926c3b79d7f37cfa7a7ef075e9a77c066698f7353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 24964
content-type: text/html
date: Fri, 22 Mar 2024 17:28:57 GMT
expires: Fri, 22 Mar 2024 17:28:57 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-jx5r

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F1FB 16 KB
6 KB 50ms
49ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

153c1c2de7827bcb0c9ccd669e5b2e7bae13f7e8e934f3cf0b6dd513a16c21bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 5954
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:28:56 GMT
expires: Sun, 24 Mar 2024 17:28:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame F314 35 B
368 B 108ms
32ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2465&&vgd_cdv=1185&vgd_cage=1&vgd_tsce=L446&vgd_mcf=68237&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=434553236&vi=1711128536564373464&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785085&r=1711128536821&rrr=tzR-hLcl-L8Kb7cof_3z1ey-4E7Nvuc8cKSKiNWnbFH8YOS-kN9yZvnz_gdz8S_OlFQcepibvHgJT4aXiMmUZsuvFinvGEle&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vgde_bdata=~G-MjJzvufX9~GwEv9~G8Ov9.Au9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-fX9~G-M7Y1-vWX~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FA~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.iiW~OYYMYufv9.AXX~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiA~OYYMYuFv9.uAA~OYYMYfv9.uhF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYHAvF.WWf~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.AXH~OYYMYXAv9.uhW~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXX~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.fuH~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9i9~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSQu~eGLv9~e8Q8G8j875v9~NGOEv9.uuu~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~QxEEj5M71yM8OvuHX9h9i9~e8JB1G8j875v9.AXHfXA~EmQv9~N1LL8JLVOv9~myG8Ov9.Au9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vFX~OmyGv9ou~8GNvu~~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vWF~Y-GU7v9&ssld=%7B%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22IV%22%2C%22QQN75%22%3A%22YJJLGJNU%22%7D&vgd_bid=350635&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1711128536192947933&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p0720784295t202403221728&vgd_pgids=1&vgd_uspa=0&hvsid=00001711128536817036481827843558&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Content-Length: 35
Expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 38F2 23 KB
8 KB 74ms
74ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C229%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e804af52cc7879d1dc7ed1505b35d74e7075ff436d50cf64146b474315b846ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 8464
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:28:56 GMT
expires: Sun, 24 Mar 2024 17:28:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame F314 35 B
191 B 150ms
68ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6666&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&itype_override=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=2452385996414765632&vid=2452385996414765632&dn=maillterr2a.imboxt3erra.dynv6.net&rawDn=maillterr2a.imboxt3erra.dynv6.net&requrl_dn=maillterr2a.imboxt3erra.dynv6.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=NI&ct=meerbeck&zip=31715&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-65577c8dc8-v96hx.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&ortb_device_id=2&asn=31103&sckfl=0&sckfl2=0&smbrid=10234&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-1426641&geoll=false&is_ortb=true&s_ip=37.252.171.0&s_city=frankfurt+am+main&commit_id=db57e0ab&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-03-22+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&proxy=g-euw1b-rtb-common-envoy-3&header_lang=false&rtttime=17&req_tid_present=true&pvid=462&prvAccId=434553236&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=42423919637463_1940480229_10163351414621&size=300x250&chnl=HARMONY&bdp=0.310000&bid_uuid=0d0acc6f7e74257c37ed811c2afafa41&cbdp=0.111599&og_cbdp=0.310000&ogbdp=0.31&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fmybestsearches.com&dfpBd=0.11&dsrc=-2&dp=0&dbf=1&epc=434553236&s=1&snm=SUCCESS&pcrid=8CU62MU8E-434553236-12-28&tpbTkn=false&exid=220&bidflr=0.000&pbidflr=0.000&basebidflr=0.000&opbidflr=0.000&spbf=0&viewability=35&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1711128536174&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=486661670&strg=HARMONY&stagid=14507090&vls=0&scrid=486661670&mang=1&pvdTmax=86&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_badv_count=20&mx_epbc=8CU62MU8E&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_dup_profile=0&mx_bsAlgoBucket=MARK_BLOCK&mx_dup_algo=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_bsAlgoProfile=NOT_ENOUGH_DATA&mx_aurl_hc=0&mx_aabpc=0&mx_isLossNtf=false&mx_ssBucket=0&mx_bcat_count=0&mx_gpid_sent=true&mx_commit_id=6926dcc56f&mx_exp_tokens%3C%3E=RLReqTagImpAgg%3ARLReqImpAgg%23%23BlacklistBidderPubExp%3Ano_blk%23%23ctx_canonical_exp%3Atrue%23%23loss_notification_exp%3ADEFAULT%23%23VSIDWithFallbackDummy%3Aac2%23%23NedThrtl%3Ant80%23%23duplication-actual%3ADUPLICATE%23%23BF_store%3AGCS%23%23ProfileUpgradationNew%3ANEXT_PROFILE%23%23IPBLOCK_DM%3AGCS%23%23duplication%3ACTV_CONSERVATIVE%23%23dup91%3ADUPLICATE%23%23RealTimeValidBid%3A1hr%23%23multi-sc%3ADEFAULT%23%23NedCkflWithData%3Aall_blk_0nt%23%23prll_req%3Atrue&mx_scId=sc_default&mx_sdr=false&mx_sua_cvg=0000000&mx_tid_sent=false&mx_SPRIG=0&mx_ep_sent%3C%3E=badv&mx_fo=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CU62MU8E&mx_SC=1&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_divid=14507090&mx_tgs=300x250&mx_cklsrc=OTHERS&mx_bsMarkingVerdict%3C%3E=V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA&mx_IAB2=0&mx_dup_bucket=NOT_APPLICABLE&mx_PC=1&mx_UCC=1&mx_gpid=14507090&mx_bsWhitelistBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_isNed=1&is_video_cmp=false&isFledge=false&acid=b51a78893f9e5e2486090218259e6c05&rtime=5.0&wsip=mowx-7d896dd948-wwpnv&ltime=10.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adtypes=0&impId=1810137300993660299&reftime=15000&reftype=0&dsid=14507090&insl=0&gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fs1&mowxReqId=b51a78893f9e5e2486090218259e6c05_1&ecp=0.7&req_size=300x250&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=14507090&supplyTagId=14507090&mnrfc=-1&sst_blk_verdict%3C%3E=NP%3AMNB%23%23C%3AMNB%23%23EC%3AMNB&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-03-22+17%3A28%3A56&__expireat=1711129136427&mview=1&lo_pvid=%5B462%5D&lo_dp=0&lo_bdp=0.310000&lo_cbdp=0.111599&actltime=10&rme=adm&bdata=~bx_len%3D1250~bhp%3D0~bid%3D0.310~bx_ancestor%3D0-3*20-4~bx_asn%3D31103~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000010~bx_size%3D300x250~bx_tmax%3D85~bx_tml_suffix%3D%2F~city%3DNEUNKIRCHEN~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D30~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.06~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.063~dmm_m1%3D0.134~dmm_m10%3D1.000~dmm_m11%3D0.998~dmm_m12%3D0.355~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.993~dmm_m16%3D0.133~dmm_m2%3D0.176~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D1.000~dmm_m40%3D1.000~dmm_m43%3D6.882~dmm_m5%3D1.000~dmm_m51%3D1.000~dmm_m52%3D0.354~dmm_m53%3D0.178~dmm_m54%3D5.000~dmm_m55%3D1.000~dmm_m57%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.355~dmm_m73%3D1.000~dmm_m74%3D1.000~dmm_m9%3D1.000~dmm_r%3D0.214~e_rpm%3D0.134~erpm%3D0.134~hc%3D0%20%2B%200~iha%3D0~itype%3DAPPNEXUS~mgi%3D14507090~r_cc%3DDE~r_ip%3D217.114.218.0~r_sc%3DNI~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fs1~std%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fs1~vbr%3D0~visibility%3D0~cbdp%3D0.111%7Eitype_id%3D16%7Eseller_tag_id%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fs1%7Esupply_tag_id%3D14507090%7Eviewability%3D0.354253%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.310000%7Ebflr%3D0.000%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison18%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D65%7Edogb%3D0-1~ibc%3D1~~nsz%3D1~tgs%3D300x250~bsb%3D1~bsp%3D-1~tmx%3D86~mxbkt%3D0&utime=664&sf=0&cpr=0.7341702175579654

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-100-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 6E08 74 KB
25 KB 363ms
363ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=3u%7CH%7Cn*9A&JF=YfYYY(sW758(7(UYUU8&)an!=Y&3tnL=i&IaJ=YYsW&EtI6=wUU5&IFa=smB5(NBs9&InIa=UajmpxDuWm-db6fbB5hcGS%3D%3D&I!Fa=YWWWYU(U5&tF46=8fiA(Wi&II=K9&tI=29&Iyh3=2SrN1uV&nFa=s.1WcwveU&EnFa=vWfx9im&yEEnt=Y&!!!=E4rOywIGOwsoTfIlCR74Y6XOU9fuJPIsIocoFuQhTj2sV1cObu8X0Jh4R)a4scR1GjeI6nFTJ2)kvULpFN3B0tPJjFhJD9G6&ht6=W&Gq=Y&P)a=U&LaEY=smB2W9uUs&LaE(=YiY577WYU&TaLEL=zTARG6h%3DY(57zTyn%3DizTFa%3DiMY5izTARLhI6tEl!%3DiO7_(iOUzTARLth%3D7YYi7zTAR6An%3DizTAR)FhtP%3DizTARFhE3a%3DizTAR!y%3DUfK9enZs2~zTAR!nI%3DiiiiiYYzTARtF46%3D8fiA(WizTARE3LA%3DsizTARE3GRtPCCFA%3D%2FzIFEX%3Du9Buoxrm29uzIbRCG%3DizaI%3D)InO6POq6tEYOTza33RaY%3Diza33RaYi%3Diza33RaY(%3DYza33RaYU%3Diza33RaYW%3DYza33RaY5%3D7za33RaYf%3Diza33RaYs%3DWiza33RaY8%3DYiiiza33Ra(%3Dvza33Ra(Y%3DOYza33Ra((%3DiMi5za33Ra(U%3DWza33Ra(W%3Da6CRa6Cza33Ra(s%3DWza33Ra(8%3DiMiiza33Ra7%3Diza33Ra7i%3Diza33Ra7(%3Diza33Ra77%3Diza33Ra75%3DuSza33Ra7f%3Dvza33RaU%3DYiza33RaUi%3Diza33RaU(%3Diza33RaU7%3Diza33RaUU%3Dn!laza33RaUW%3Diza33RaU5%3Drza33RaWY%3Diza33RaW(%3DiMiiza33RaW5%3Diza33Raf%3Diza33Ras%3Diza33RG%3DiMi5Wza33R3Y%3DiMi5Wza33R3Yi%3DYMiiiza33R3YY%3DiM8f7za33R3Y(%3DiM7WYza33R3Y7%3DYMiiiza33R3YU%3DYMiiiza33R3YW%3DiM88Uza33R3Y5%3DiMYiYza33R3(%3DiMYsUza33R3(Y%3DYMiiiza33R3(7%3DYMiiiza33R3(U%3DYMiiiza33R3(W%3DYMiiiza33R3(8%3DYMiiiza33R37%3DYMiiiza33R37i%3DYMiiiza33R37U%3DYMiiiza33R37W%3DYMiiiza33R375%3DYMiiiza33R378%3DYMiiiza33R3Ui%3DYMiiiza33R3W%3DYMiiiza33R3WY%3DYMiiiza33R3W(%3DiMWs7za33R3W7%3DYMiiiza33R3WU%3DWMiiiza33R3WW%3DYMiiiza33R3Wf%3DYMiiiza33R35%3DYMiiiza33R3f%3DiM7WYza33R3f7%3DYMiiiza33R3fU%3DYMiiiza33R38%3DYMiiiza33R!%3DiMYiYz6R!n3%3DiMi5Wz6!n3%3DiMi5WzyI%3Di%20%2B%20izFyL%3DizFEXn6%3DS..u9pBcz3)F%3DYUWifisYz!RII%3DK9z!RFn%3D(YfMYYUM(YsMiz!RtI%3Duxz!Tl%3DWR7z!6CRIhE%3Dizt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztEa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LzJT!%3DizJFtFTFGFEX%3DizITan%3DiMiUUzFEXn6RFa%3DY5zt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztPnnGXREL)RFa%3DYUWifisYzJF6qLTFGFEX%3DiMWs(5Y7znlt%3DizIL!!F6!xa%3Dizl)TFa%3DiMY5iiiizTCG!%3DiMiiiztPFa%3DzaEI%3D6PRT6za33R6!n3%3DCLGt6za33%3DyL!3lhXzTanILna%3DizaLG)%3DPhFtlhY(zFhtG%3DiztlTn%3DzyE3G%3DYzaIPE%3Dfizal)T%3DiOYzFTI%3DYzzht4%3DYzE)t%3D8fiA(WizTtT%3DYzTtn%3DOYzE3A%3Ds7z3ATbE%3Di&hEJ=i&Fq=8fi&FhxC!=Y&Ta!xa=U5(&TFa=7U8i57&3IC=5s(7f&Xatn!=Y&bLEn!6=Y&bLETFa=OYi7&ILal3LFh=E4rOywIGOwO!n5N7IAXxs9~NrU)oUObq!lRL4ZfNc9B%3D&XnGn=Y&FtFa=W&LaJ=NX%20~6tE%20c6L!Iy6t&LIE=.~xCd%2FSh!6d6%2F!4uuu!AhUSLPhuPu7%2F~~4%2F&n)Fa=nif(ifsU(8WE(i(Ui7((Yf(s&ttGa=%7B%22ttFn%22%3A%22(YfMYYUM(YsMi%22%2C%22ttII%22%3A%22K9%22%2C%22tttI%22%3A%22ux%22%2C%22ttIEX%22%3A%22366!T6Ib%22%7D&yE3Gt!I=Y&sflct=8353880&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

59131bbe55395a9cf6f2871f1b2013b21f3b1b3cb34bb70a187e561a63eae678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 25881
content-type: text/html
date: Fri, 22 Mar 2024 17:28:57 GMT
expires: Fri, 22 Mar 2024 17:28:57 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-459h

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8BC7 16 KB
6 KB 94ms
94ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

153c1c2de7827bcb0c9ccd669e5b2e7bae13f7e8e934f3cf0b6dd513a16c21bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 5954
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:28:56 GMT
expires: Sun, 24 Mar 2024 17:28:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 30B5 35 B
368 B 71ms
29ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2485&&vgd_cdv=1185&vgd_cage=1&vgd_tsce=L446&vgd_mcf=68237&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=155514246&vi=1711128536923241449&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785085&r=1711128536858&rrr=tzR-hLcl-L8Kb7cof_3z1ey-4E7Nvuc8cKSKiNWnbFH8YOS-kN9yZvnz_gdz8S_OlFQcepibvHgJT4aXiMmUZsuvFinvGEle&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vgde_bdata=~G-MjJzvufFA~GwEv9~G8Ov9.uF9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999uu~G-MQ8lJvih9-fX9~G-M7Y1-vW9~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FX~OYYMYuv9.9FX~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.AXu~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiH~OYYMYuFv9.u9u~OYYMYfv9.uWH~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.XWA~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXu~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.u9u~JMLEYv9.9FX~JLEYv9.9FX~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9Wu~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~eGLv9~e8Q8G8j875v9~NGOEv9.9HH~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~QxEEj5M71yM8OvuHX9h9Wu~e8JB1G8j875v9.XWfFuA~EmQv9~N1LL8JLVOv9~myG8Ov9.uF9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vh9~OmyGv9ou~8GNvu~~zQlvu~7yQvih9-fX9~GQGvu~GQEvou~7Y-vWA~Y-GU7v9&ssld=%7B%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22IV%22%2C%22QQN75%22%3A%22YJJLGJNU%22%7D&vgd_bid=349063&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1711128536190757882&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p0720784295t202403221728&vgd_pgids=3&vgd_uspa=0&hvsid=00001711128536856036481827847004&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 22 Mar 2024 17:28:56 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Content-Length: 35
Expires: Fri, 22 Mar 2024 17:28:56 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 45E1 23 KB
8 KB 63ms
62ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e804af52cc7879d1dc7ed1505b35d74e7075ff436d50cf64146b474315b846ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 8464
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:28:56 GMT
expires: Sun, 24 Mar 2024 17:28:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 30B5 35 B
191 B 151ms
107ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6700&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&itype_override=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3717733390181311443&vid=3717733390181311443&dn=maillterr2a.imboxt3erra.dynv6.net&rawDn=maillterr2a.imboxt3erra.dynv6.net&requrl_dn=maillterr2a.imboxt3erra.dynv6.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=NI&ct=meerbeck&zip=31715&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-6ff4d9c958-v74ff.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&ortb_device_id=2&asn=31103&sckfl=0&sckfl2=0&smbrid=10234&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-1426641&geoll=false&is_ortb=true&s_ip=37.252.172.0&s_city=frankfurt+am+main&commit_id=db57e0ab&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-03-21+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&proxy=g-euw1b-rtb-common-envoy-7&header_lang=false&rtttime=23&req_tid_present=true&pvid=462&prvAccId=155514246&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=41360240101992_1497610747_10163351414621&size=970x250&chnl=HARMONY&bdp=0.160000&bid_uuid=8a3fbf649ecacafe65c4f5e1a7ded8c5&cbdp=0.044800&og_cbdp=0.160000&ogbdp=0.16&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fmybestsearches.com&dfpBd=0.04&dsrc=-2&dp=0&dbf=1&epc=155514246&s=1&snm=SUCCESS&pcrid=8CU62MU8E-155514246-12-2&tpbTkn=false&exid=220&bidflr=0.000&pbidflr=0.000&basebidflr=0.000&opbidflr=0.000&spbf=0&viewability=58&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1711128536193&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=435408724&strg=HARMONY&stagid=14507081&vls=0&scrid=435408724&mang=1&pvdTmax=83&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_badv_count=20&mx_epbc=8CU62MU8E&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_dup_profile=0&mx_bsAlgoBucket=MARK_BLOCK&mx_dup_algo=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_bsAlgoProfile=NOT_ENOUGH_DATA&mx_aurl_hc=0&mx_aabpc=0&mx_isLossNtf=false&mx_ssBucket=0&mx_bcat_count=0&mx_gpid_sent=true&mx_commit_id=6926dcc56f&mx_exp_tokens%3C%3E=RLReqTagImpAgg%3ARLReqImpAgg%23%23ctx_canonical_exp%3Atrue%23%23loss_notification_exp%3ADEFAULT%23%23NedCkflWithData%3Aall_blk%23%23duplication-actual%3ACONTROL%23%23VSIDWithFallbackDummy%3Aac1%23%23BF_store%3AGCS%23%23duplication%3AAGGRESSIVE%23%23BlacklistBidderPubExp%3Ablk%23%23IPBLOCK_DM%3AGCS%23%23dup91%3ADUPLICATE%23%23RealTimeValidBid%3A1hr%23%23multi-sc%3ADEFAULT%23%23ProfileUpgradationNew%3ACURRENT_PROFILE%23%23NedThrtl%3Ant20%23%23prll_req%3Atrue&mx_scId=sc_default&mx_sdr=false&mx_sua_cvg=0000000&mx_tid_sent=false&mx_SPRIG=0&mx_ep_sent%3C%3E=badv&mx_fo=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CU62MU8E&mx_SC=1&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_divid=14507081&mx_tgs=970x250&mx_cklsrc=OTHERS&mx_bsMarkingVerdict%3C%3E=V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA&mx_IAB2=0&mx_dup_bucket=NOT_APPLICABLE&mx_PC=1&mx_UCC=1&mx_gpid=14507081&mx_bsWhitelistBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_isNed=1&is_video_cmp=false&isFledge=false&acid=a40c54527fe50ede2a7b9bd43b5cec04&rtime=6.0&wsip=mowx-7d896dd948-nfljw&ltime=12.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adtypes=0&impId=2759746122690766741&reftime=15000&reftype=0&dsid=14507081&insl=0&gpid=%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira&mowxReqId=a40c54527fe50ede2a7b9bd43b5cec04_1&ecp=2.06&req_size=970x90%7C970x250%7C728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=14507081&supplyTagId=14507081&mnrfc=-1&sst_blk_verdict%3C%3E=EC%3AMNB%23%23C%3AMNB%23%23NP%3AMNB&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-03-22+17%3A28%3A56&__expireat=1711129136448&mview=1&lo_pvid=%5B462%5D&lo_dp=0&lo_bdp=0.160000&lo_cbdp=0.044800&actltime=13&rme=adm&bdata=~bx_len%3D1263~bhp%3D0~bid%3D0.160~bx_ancestor%3D0-3*20-4~bx_asn%3D31103~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000011~bx_size%3D970x250~bx_tmax%3D80~bx_tml_suffix%3D%2F~city%3DNEUNKIRCHEN~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D50~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.06~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.065~dmm_m1%3D0.065~dmm_m10%3D1.000~dmm_m11%3D0.973~dmm_m12%3D0.351~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.994~dmm_m16%3D0.101~dmm_m2%3D0.184~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D1.000~dmm_m40%3D1.000~dmm_m5%3D1.000~dmm_m51%3D1.000~dmm_m52%3D0.583~dmm_m53%3D1.000~dmm_m54%3D5.000~dmm_m55%3D1.000~dmm_m57%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.351~dmm_m73%3D1.000~dmm_m74%3D1.000~dmm_m9%3D1.000~dmm_r%3D0.101~e_rpm%3D0.065~erpm%3D0.065~hc%3D0%20%2B%200~iha%3D0~itype%3DAPPNEXUS~mgi%3D14507081~r_cc%3DDE~r_ip%3D217.114.218.0~r_sc%3DNI~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira~std%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira~vbr%3D0~visibility%3D0~cbdp%3D0.044%7Eitype_id%3D16%7Eseller_tag_id%3D%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira%7Esupply_tag_id%3D14507081%7Eviewability%3D0.582613%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.160000%7Ebflr%3D0.000%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison12%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D70%7Edogb%3D0-1~ibc%3D1~~nsz%3D1~tgs%3D970x250~bsb%3D1~bsp%3D-1~tmx%3D83~mxbkt%3D0&utime=680&sf=0&cpr=0.11017485411851746

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-100-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame F314 0
969 B 30ms
30ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QLsBuhsAwAAAwDWAAUBCNj_9q8GEIurpaOOybmPGRgAKjYJgCxEh8CRvD8RAlpL5RNQtD8ZAAAAYGZm5j8hAg0SACkRJPRbAjEAAADgUbiePzDSuPUGOPpPQJUJSGBQpryH6AFYs8FrYABo2LOGAXjs1wWAAQGKAQNVU0SSAQNCUkyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKa8h-gBiAUBmAUAoAXAlMfDoIKohCLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB6gUNCglhbnRpdmlydXMSAOoFHgoaRS1tYWlsY29tc3Vwb3J0ZXRlbGVmb25pY28SAOoFEgoJdGVzdGZsb29yEgVmYWxzZeoFDwoGZmxlZGdlEgVmYWxzZeoFFAoQVGVycmFNYWlsR2lnYW50ZRIA6gUVChFFLW1haWxjb21hbnRpc3BhbRIA6gUJCgVlbWFpbBIA6gUOCgh2aWV3cG9ydBICczHqBRYKEkUtbWFpbGNvbWFudGl2aXJ1cxIA6gUUChBFLW1haWxjb21zdXBvcnRlEgDqBRkKFUUtbWFpbGNvbWFjZXNzb3NlZ3VybxIA6gUTCg9FLW1haWxwcm90ZWdpZG8BlygMCghhbnRpc3BhbQEPFAsKB3dlYgFyAQ6gEAoKY29ubmVjdGlvbhICNGfwBaPxYPoFBAgAEACQBgCYBgC4BgDBBgAtZyTQBq_xAdoGFgoQBREdAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB-zXBdIHDTWbASYI2gcGAV6gGADgBwDqBwIIAPAH4ZcCiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=c1ace7407b0664c3928244e90a7427cb36b57d8c&bdref=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947,https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: 023455b9-3ce9-420f-a048-901554450dd5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 30B5 0
969 B 49ms
49ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QLrBuhrAwAAAwDWAAUBCNj_9q8GEJXP-omhz6WmJhgAKjYJx7q4jQbwpj8RXnKSnAJPoD8ZAAAAQOF6AEAhXg0SACkRJPRIATEAAACgmZnJPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjC2wSAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE1J7PzwGIBQGYBQCgBdPH9tqi2oLMM8AFAMkFAAAAAAAA8D_SBQkJAQoBAfB52AUB4AUB6gUeChpFLW1haWxjb21zdXBvcnRldGVsZWZvbmljbxIA6gUQCgpjb25uZWN0aW9uEgI0Z-oFDwoGZmxlZGdlEgVmYWxzZeoFCwoHd2VibWFpbBIA6gUUChBUZXJyYU1haWxHaWdhbnRlEgDqBQ4KCHZpZXcBZEQSAnMx6gUNCglhbnRpdmlydXMBawgTCg8JjCBwcm90ZWdpZG8BFjQSCgl0ZXN0Zmxvb3ISBQ1xCAwKCAE7DHNwYW0BJAgVChEJOghjb20uGAAIFAoQFRgN3gEvCBkKFRUXKGFjZXNzb3NlZ3VyBW8MCQoFZSEQASgMFgoSRTEdAVcNqlzwBYybSvoFBAgAEACQBgCYBgC4BgDBBgAFASzwP9AGr_EB2gYWChAFER0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwtsE0gcNCREpASYI2gcGAV6gGADgBwDqBwIIAPAH4ZcCiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=4957178a6284f76cd12f91123a4448dab42ffc98&bdref=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947,https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&

Requested by

Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: 702fe61d-a1b1-43d9-9439-3f42fe6b367c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F314 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst3PxGLLYBMJLCbVX5vMmDnWZsol2IQRw8TIgN0t2LzGY-Bx6DswV1AcxjJgDhQTE_M8qIxwDTC24ytMl87B07YCI5s4h6gMJu9-B1EDRkxCYj0c3H8L9gOVAo-ojDUDj0mH2mVdjHB059IqsIOlr9psgjT8WjksKXloOEFsX2itLpse8b3kvr2vJXyPf6VK_HXndPySjiygVoU-CmXoxXuoKR5-svyacS8_wMbh0BdgZzm96IRXXzfbER65eHVwdMHxa3Zflxd6zafrjDM9m1jnMLBxurGsyP1qD0TCC852OS10c3t8yjPpXXB3wOYR3dPGgHqyDwBBTy2Dh6MgjNpjJvNxGw2RlVY9QaTk9XXUmgaHeSWKTrv240XwqzFqIO5eDJE39SXQ36WejT1fjHzYdZlBPrvNYvMdg&sig=Cg0ArKJSzHKyNuQS8Ik5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F314 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c53383cb8728b70ab4d2d0b587c860ae1090218ad63c7bd77d2a9fc9a6e1b59d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame F314 0
998 B 26ms
26ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QL_BOh_AgAAAwDWAAUBCNj_9q8GEIurpaOOybmPGRgAKjYJgCxEh8CRvD8RAlpL5RNQtD8ZAAAAYGZm5j8hAg0SACkRJPTEATEAAADgUbiePzDSuPUGOPpPQJUJSGBQpryH6AFYs8FrYABo2LOGAXjs1wWAAQGKAQNVU0SSAQNCUkyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMjQ1MjM4NTk5NjQxNDc2NTYzMl9zYmlkGhMxODEwMTM3MzAwOTkzNjYwMjk5Igk0ODY2NjE2NzAqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEpryH6AGIBQGYBQCgBcCUx8OggqiEIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPxYPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAE2FQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfs1wXSBw0JEScBJgzaBwYIBQm44AcA6gcCCADwB-GXAooIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=94fc5d34b24f2211d0123df298df561d80720cad&type=nv&nvt=5&jm=1003&px=333&py=446&bw=300&bh=250&sid=5977856541857905218&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507090&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:56 GMT
an-x-request-uuid: ab157b40-713f-484a-ab1a-dffbf0e51b25
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 flagsstandalone.min.css Show response
s1.trrsf.com/update-1710942435/fe/zaz-mod-icons/_css/ 8 KB
845 B 58ms
57ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1710942435/fe/zaz-mod-icons/_css/flagsstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 22aa459d51cac5740dcd86312752b5c640162337d7c8d5791811772804d45ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 13:47:15 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 536

GET
H2 200 essentialstandalone.min.css Show response
s1.trrsf.com/update-1710942435/fe/zaz-mod-icons/_css/ 23 KB
2 KB 65ms
65ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1710942435/fe/zaz-mod-icons/_css/essentialstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 6e3708c910f964a2a8afce3340b1499a60d118683abca9a7226932dd8a8d58d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 13:47:15 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1364

GET
H2 200 shieldsstandalone.min.css Show response
s1.trrsf.com/update-1710942438/fe/zaz-mod-icons/_css/ 21 KB
3 KB 57ms
57ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1710942438/fe/zaz-mod-icons/_css/shieldsstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 34635e7ad0b3cdf7f198469f6257deac45dba8ce6c9cb963f7f35cc07278d251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 13:47:18 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2329

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 30B5 0
0 53ms
53ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv_n0XU67r9Ztu_wMYjtzLtBqhXg_pPJm6eg8DTqR96U-_KKdXAWbqET6x7VXPJlhgvTQXkQe99koqYwAdPrK0SeXL3RqKbWrkhUN1iJa77eeEOY7qEcXbJ2K08OwS6E__fBtcGvWMKnjFTCxQVdCzvLCyu-aC-iKaCiC2KvRaPJqpin2TScSXrjajBiit-l_PvblEPJAIl5NaH8hLisX_wT_i5dzGZTVAz0uTUibNVVm2aLlQSlXcPb7Robd8tEPv62ExdFAIJyGluyXh_y_NNPCjVJpd7YxZbinR6e9wEQztInOrCfFzMMTw2lOpHMv5pESP1uPh-JKd0HYbybttI_-Gz7EK3vQzz5ACY0kU9K4-YExNGvgu70mc98edh2asQPGrj2_4v3_HuToXRzXVtXPqX2WLMM7Qjj8mX4u11yRE&sig=Cg0ArKJSzHbXZk6GVUS5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 30B5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd2fff654b6f817a8d2933754a6492444102e8735c83c256d0a6cb678ce92a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 30B5 0
998 B 25ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QL-BOh-AgAAAwDWAAUBCNj_9q8GEJXP-omhz6WmJhgAKjYJx7q4jQbwpj8RXnKSnAJPoD8ZAAAAQOF6AEAhXg0SACkRJPTyATEAAACgmZnJPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjC2wSAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMzcxNzczMzM5MDE4MTMxMTQ0M19zYmlkGhMyNzU5NzQ2MTIyNjkwNzY2NzQxIgk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF08f22qLagswzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwtsE0gcNCQAAAAABLhwQABgA2gcGCAUJuOAHAOoHAggA8AfhlwKKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=f8eb6e897dff59827147067c40f4f50e23721765&type=nv&nvt=5&jm=1003&px=315&py=711&bw=970&bh=250&sid=5977856541857905218&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507081&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:57 GMT
an-x-request-uuid: 31fb8527-1502-4557-ac8c-6eec05574ac5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 menu-white.svg
s1.trrsf.com/update-1710941171/fe/zaz-mod-icons/svg/essential/ 471 B
513 B 60ms
59ms Image
image/svg+xml 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1710941171/fe/zaz-mod-icons/svg/essential/menu-white.svg
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:48 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 199

GET
H2 200 chevron-down-darkest.svg
s1.trrsf.com/update-1710941171/fe/zaz-mod-icons/svg/essential/ 168 B
439 B 87ms
87ms Image
image/svg+xml 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1710941171/fe/zaz-mod-icons/svg/essential/chevron-down-darkest.svg
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 4e9db79d89e736ab849a0fdd4049771badee9d6011c514b473424b4f514e7247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:47 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 126

GET
H2 200 app-teams.min.js Show response
s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_js/ 6 KB
2 KB 77ms
77ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_js/app-teams.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 0442c95ddc83162ac9b126fbc73882a437803a7ebef2718bc7ed897ba44950fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:41 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2021

GET
H2 200 theme-defaultstandalone.min.css Show response
s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_css/ 4 KB
1 KB 72ms
72ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586301/fe/zaz-app-teams/_css/theme-defaultstandalone.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: d26480a38c1de148603009f902429433aa8ca95a8af1b72be0fae1e3ada0d002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:41 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 870

GET
DATA 200
OK truncated
/ Frame 637C 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 637C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bql.php Show response
lg3.media.net/ Frame 637C 15 B
37 B 107ms
60ms Script
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5348&&vgd_canary=0&vgd_l2type=scs_newfl&fp=QSWNg3pxs_7szuz0QPuCor4WrE6WCzw18PJ-P0lQc2LKb5wTbExrrd18d5qmoTH9mg8Z1SqM30J-EdpTGNIAurANrS98WbmOgxx-YTiyQPXNP13QIkjdo6WjAXcFmyIxMntQDUp9adwEQcPAYKzgsQtDa4sh7-Ui9nl_dHF2UI4%3D&cme=coGVwkOh4ddzGZ7gVRc7zQ_JGT8WkoJxkrHgkS-FMVmK84S_dbp_2QZKEwk3atuCyu65iRMQVwW2DjiguJNeMgYPb5fDYD7LmRkTKmmsFC0tDudWsR775gzYSQkDNLSCpM8CDFQzpQyC-mmVW1j7lhtOAtzij_xHGsJtADhzxoI0smD8XAgZqInAh4d-XD8q63K4bZJEzuIwtbY_Zc8Rxt3CJtPDX6aOx1dzMHi-xJiDA6CxRz3QF3QKRdf9wlBhN5Ak8CS_-tELWUGKcUgzcA%3D%3D%7C%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7rjx8tRKgKBy5N9s20KnXrX5FuwkCu8id3YP3X2lFe4Z3HZkBm9NaQrQx5ELna6VxqjoPReLn216-zesS8WkbP2lYflmnJ04Y%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7Cryyx_QEo4YTSIuwUtEzTwYD123E9sPTCczQfqo9tXBjKmUrhbcexCVp427o_t5JbXyshG2uGnB6aTkvQLvQpL5nozAryJRdvfWBD_zbLr2iTyfjL8y7vtbDeRXNX5l0G9XddsrFwU0czn4qhHakUEIruVMXjl_Agb1ATEhwOnFx7ngOw4Kzv51eAuY3piSlJRrMprjuNIVCLDfUwRQG429vmLMKEYnZyqXClcQBgyyezPP_g6VAZ94FlPd8_N302v76jglopS-RCcDBdk-2Fz_WwBYrDUuWFKeLgJfbJjo4%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Die+10+Besten+Aktien&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=71911461&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0736%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D1.54%7C2%3D5.04&ktd[]=274894881024&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.1431%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D3.24%7C2%3D14.67&ktd[]=4503874522251520&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0698%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D1.31%7C2%3D5.49&ktd[]=4503874522251520&v=1&gdpr=1&geo=50.6%7C12.3&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774914&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22YJJLGJNU%22%2C%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQQN%22%3A%22IV%22%7D&cid=8CU62MU8E&vi=1711128536564373464&vsid=DefVid&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_act_status=1&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=2&vgd_tsce=L446-S446&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=26522&vgd_nrrmf=303000c80a&vgd_nrrsf=scrr&vgd_cty=reichenbach&vgd_ifrmode=13&sttm=1711128536817&upk=1711128537.27981&hvsid=00001711128536817036481827843558&verid=3111299&sbdrId=99&tsrc=abtest&vgd_l1rakh=1711128536192947933&vgd_ecrid=486661670&vgd_isiolc=1&kbbq=%26asn%3D31103&vgde_ydsp=%7B%22QEx%22%3A%22XuWX~9%22%7D&vgd_mcf=68237&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvufX9~GwEv9~G8Ov9.Au9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-fX9~G-M7Y1-vWX~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FA~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.iiW~OYYMYufv9.AXX~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiA~OYYMYuFv9.uAA~OYYMYfv9.uhF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYHAvF.WWf~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.AXH~OYYMYXAv9.uhW~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXX~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.fuH~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9i9~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSQu~eGLv9~e8Q8G8j875v9~NGOEv9.uuu~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~QxEEj5M71yM8OvuHX9h9i9~e8JB1G8j875v9.AXHfXA~EmQv9~N1LL8JLVOv9~myG8Ov9.Au9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vFX~OmyGv9ou~8GNvu~~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vWF~Y-GU7v9&vgd_cfud=231220&vgd_scsver=436&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1185&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001711128536817036481827843558&rc=0&rand=1711128537235&acid=b51a78893f9e5e2486090218259e6c05&matm=1711128537235&vgd_ltimesrc=1&vgd_ltime=635&vgd_rtime=626&vgd_etm=8&vgd_l1hcsd=S5h9m%7C1870&vgd_l1ch=1&vgd_lhl=1233&vgd_pgid=p0720784295t202403221728&vgd_csip=rtb-common-65577c8dc8-v96hx.BE&vgd_sbSup=1&vgd_nrrs=26522&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F1211%2Fbr.terra.mail%2Fhome%2Fs1_0__container__%7CDIV-adv-right&vgde_cdeplbl=1E8Mzm7M1e18j1GjJ&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2678&&kkdd=*u%7C3%7CHn*A9&Qw=GyGGGMBN07N7)0y0)7)&h-cp=G&tOcb=E&W-Q=GGBN&DOWF=1))7&Ww-=BqR7MSRB!&WcW-=)-8qdvmjNq2K6Fy6R7J5.~%3D%3D&Wpw-=)0)NN0M07&OwrF=0EE9MNE&WW=g!&OW=A!&WYJt=A~LSuj(&cw-=Bsu)2yS3_&Dcw-=evNNyMN&YDDcO=G&ppp=DrLfY1W.f1B_lyWCax0rGFVf)!yjQIWBW_5_wj3Jl8AB(u5f6j*VzQJrxh-rB5xu.8nWFcwlQAh4e)bdwStRzOIQ8wJQm!.F&JOF=N&.U=G&Ih-=)&b-DG=BqRAN!j)B&b-DM=GEG700NG)&l-bDb=ol9x.FJ%3DGMNEolYc%3DEolw-%3DEk0GEol9xbJWFODCp%3DEf0XMEf)ol9xbOJ%3D0GGE0ol9xF9c%3DEol9xhwJOI%3DEol9xwJDt-%3DEol9xpY%3D)yg!ncTBAHol9xpcW%3DEEEEEGEol9xOwrF%3D0EE9MNEol9xDtb9%3DBNol9xDt.xOIaaw9%3D%2FoWwDV%3Dj!Rj_vLqA!joW6xa.%3DEo-W%3DhWcfFIfUFODGflo-ttx-G%3DEo-ttx-GE%3DEo-ttx-GM%3DGo-ttx-G)%3DEo-ttx-GN%3DGo-ttx-G7%3D0o-ttx-Gy%3DEo-ttx-GB%3D0Eo-ttx-M%3Deo-ttx-MG%3DfGo-ttx-MM%3DEkE7o-ttx-M)%3DNo-ttx-MN%3D-Fax-Fao-ttx-MB%3DNo-ttx-M*%3DEkEEo-ttx-0%3DEo-ttx-0E%3DEo-ttx-0M%3DEo-ttx-00%3DEo-ttx-07%3Dj~o-ttx-0y%3Deo-ttx-)%3DEEo-ttx-)E%3DEo-ttx-)M%3DEo-ttx-)0%3DEo-ttx-))%3DcpC-o-ttx-)N%3DEo-ttx-)7%3DLo-ttx-NG%3DEo-ttx-NM%3DEkEEo-ttx-N7%3DEo-ttx-y%3DEo-ttx-B%3DEo-ttx.%3DEkE70o-ttxtG%3DEkG0)o-ttxtGE%3DGkEEEo-ttxtGG%3DEk**Bo-ttxtGM%3DEk0NNo-ttxtG0%3DGkEEEo-ttxtG)%3DGkEEEo-ttxtGN%3DEk**0o-ttxtG7%3DEkG00o-ttxtM%3DEkGy7o-ttxtMG%3DGkEEEo-ttxtM0%3DGkEEEo-ttxtM)%3DGkEEEo-ttxtMN%3DGkEEEo-ttxtM*%3DGkEEEo-ttxt0%3DGkEEEo-ttxt0E%3DGkEEEo-ttxt0)%3DGkEEEo-ttxt0N%3DGkEEEo-ttxt07%3DGkEEEo-ttxt0*%3DGkEEEo-ttxt)E%3DGkEEEo-ttxt)0%3D7kBBMo-ttxtN%3DGkEEEo-ttxtNG%3DGkEEEo-ttxtNM%3DEk0N)o-ttxtN0%3DEkGyBo-ttxtN)%3DNkEEEo-ttxtNN%3DGkEEEo-ttxtNy%3DGkEEEo-ttxt7%3DGkEEEo-ttxty%3DEk0NNo-ttxty0%3DGkEEEo-ttxty)%3DGkEEEo-ttxt*%3DGkEEEo-ttxp%3DEkMG)oFxpct%3DEkG0)oFpct%3DEkG0)oYW%3DE%20%2B%20EowYb%3DEowDVcF%3D~ssj!dR5othw%3DG)NEyE*EopxWW%3Dg!opxwc%3DMGykGG)kMGBkEopxOW%3DjvoplC%3DNx0opFaxWJD%3DEoOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOD-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoQlp%3DEoQwOwlw.wDV%3DEoWl-c%3DEkGGGowDVcFxw-%3DG7oOF..FpxDbhxw-%3D%2FGMGG%2FlpkDFppbktbw.%2FYCtF%2FOGoOIcc.VxDbhxw-%3DG)NEyE*EoQwFUblw.wDV%3DEk0N)MN0ocCO%3DEoWbppwFpv-%3DEoChlw-%3DEk0GEEEEola.p%3DEkEEEoOIw-%3Do-DW%3DFIxlFo-ttxFpct%3Dab.OFo-tt%3DYbptCJVol-cWbc-%3DEo-b.h%3DIJwOCJGBowJO.%3DEoOClc%3DoYDt.%3DGo-WID%3D7No-Chl%3DEfGowlW%3DGooJOr%3DGoDhO%3D0EE9MNEolOl%3DGolOc%3DfGoDt9%3DB7ot9l6D%3DE&JDQ=E&wU=0EE&wJvap=G&l-pv-=)7M&lw-=0NE70N&tWa=7BM0y&V-Ocp=G&6bDcpF=G&6bDlw-=fGE0&Wb-CtbwJ=DrLfY1W.f1fpc7S0W9VvB!HSL)h_)f6UpCxbrTyS5!R%3D&Vc.c=G&wOw-=N&b-Q=SV%20HFOD%205FbpWYFO&bWD=sHvJH)9jrjKpba9)IjH9ah909aja%2F~rbja~&chw-=cEyMEyB)M*NDMEM)E0MMGyMB&OO.-=%7B%22OOwc%22%3A%22MGykGG)kMGBkE%22%2C%22OOWW%22%3A%22g!%22%2C%22OOOW%22%3A%22jv%22%2C%22OOWDV%22%3A%22tFFplFW6%22%7D&YDt.OpW=G&sflct=8110349&ure=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 22 Mar 2024 17:28:57 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
DATA 200
OK truncated
/ Frame 6E08 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6E08 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame 6E08 21 KB
21 KB 41ms
41ms Font
font/woff 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=3u%7CH%7Cn*9A&JF=YfYYY(sW758(7(UYUU8&)an!=Y&3tnL=i&IaJ=YYsW&EtI6=wUU5&IFa=smB5(NBs9&InIa=UajmpxDuWm-db6fbB5hcGS%3D%3D&I!Fa=YWWWYU(U5&tF46=8fiA(Wi&II=K9&tI=29&Iyh3=2SrN1uV&nFa=s.1WcwveU&EnFa=vWfx9im&yEEnt=Y&!!!=E4rOywIGOwsoTfIlCR74Y6XOU9fuJPIsIocoFuQhTj2sV1cObu8X0Jh4R)a4scR1GjeI6nFTJ2)kvULpFN3B0tPJjFhJD9G6&ht6=W&Gq=Y&P)a=U&LaEY=smB2W9uUs&LaE(=YiY577WYU&TaLEL=zTARG6h%3DY(57zTyn%3DizTFa%3DiMY5izTARLhI6tEl!%3DiO7_(iOUzTARLth%3D7YYi7zTAR6An%3DizTAR)FhtP%3DizTARFhE3a%3DizTAR!y%3DUfK9enZs2~zTAR!nI%3DiiiiiYYzTARtF46%3D8fiA(WizTARE3LA%3DsizTARE3GRtPCCFA%3D%2FzIFEX%3Du9Buoxrm29uzIbRCG%3DizaI%3D)InO6POq6tEYOTza33RaY%3Diza33RaYi%3Diza33RaY(%3DYza33RaYU%3Diza33RaYW%3DYza33RaY5%3D7za33RaYf%3Diza33RaYs%3DWiza33RaY8%3DYiiiza33Ra(%3Dvza33Ra(Y%3DOYza33Ra((%3DiMi5za33Ra(U%3DWza33Ra(W%3Da6CRa6Cza33Ra(s%3DWza33Ra(8%3DiMiiza33Ra7%3Diza33Ra7i%3Diza33Ra7(%3Diza33Ra77%3Diza33Ra75%3DuSza33Ra7f%3Dvza33RaU%3DYiza33RaUi%3Diza33RaU(%3Diza33RaU7%3Diza33RaUU%3Dn!laza33RaUW%3Diza33RaU5%3Drza33RaWY%3Diza33RaW(%3DiMiiza33RaW5%3Diza33Raf%3Diza33Ras%3Diza33RG%3DiMi5Wza33R3Y%3DiMi5Wza33R3Yi%3DYMiiiza33R3YY%3DiM8f7za33R3Y(%3DiM7WYza33R3Y7%3DYMiiiza33R3YU%3DYMiiiza33R3YW%3DiM88Uza33R3Y5%3DiMYiYza33R3(%3DiMYsUza33R3(Y%3DYMiiiza33R3(7%3DYMiiiza33R3(U%3DYMiiiza33R3(W%3DYMiiiza33R3(8%3DYMiiiza33R37%3DYMiiiza33R37i%3DYMiiiza33R37U%3DYMiiiza33R37W%3DYMiiiza33R375%3DYMiiiza33R378%3DYMiiiza33R3Ui%3DYMiiiza33R3W%3DYMiiiza33R3WY%3DYMiiiza33R3W(%3DiMWs7za33R3W7%3DYMiiiza33R3WU%3DWMiiiza33R3WW%3DYMiiiza33R3Wf%3DYMiiiza33R35%3DYMiiiza33R3f%3DiM7WYza33R3f7%3DYMiiiza33R3fU%3DYMiiiza33R38%3DYMiiiza33R!%3DiMYiYz6R!n3%3DiMi5Wz6!n3%3DiMi5WzyI%3Di%20%2B%20izFyL%3DizFEXn6%3DS..u9pBcz3)F%3DYUWifisYz!RII%3DK9z!RFn%3D(YfMYYUM(YsMiz!RtI%3Duxz!Tl%3DWR7z!6CRIhE%3Dizt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztEa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LzJT!%3DizJFtFTFGFEX%3DizITan%3DiMiUUzFEXn6RFa%3DY5zt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztPnnGXREL)RFa%3DYUWifisYzJF6qLTFGFEX%3DiMWs(5Y7znlt%3DizIL!!F6!xa%3Dizl)TFa%3DiMY5iiiizTCG!%3DiMiiiztPFa%3DzaEI%3D6PRT6za33R6!n3%3DCLGt6za33%3DyL!3lhXzTanILna%3DizaLG)%3DPhFtlhY(zFhtG%3DiztlTn%3DzyE3G%3DYzaIPE%3Dfizal)T%3DiOYzFTI%3DYzzht4%3DYzE)t%3D8fiA(WizTtT%3DYzTtn%3DOYzE3A%3Ds7z3ATbE%3Di&hEJ=i&Fq=8fi&FhxC!=Y&Ta!xa=U5(&TFa=7U8i57&3IC=5s(7f&Xatn!=Y&bLEn!6=Y&bLETFa=OYi7&ILal3LFh=E4rOywIGOwO!n5N7IAXxs9~NrU)oUObq!lRL4ZfNc9B%3D&XnGn=Y&FtFa=W&LaJ=NX%20~6tE%20c6L!Iy6t&LIE=.~xCd%2FSh!6d6%2F!4uuu!AhUSLPhuPu7%2F~~4%2F&n)Fa=nif(ifsU(8WE(i(Ui7((Yf(s&ttGa=%7B%22ttFn%22%3A%22(YfMYYUM(YsMi%22%2C%22ttII%22%3A%22K9%22%2C%22tttI%22%3A%22ux%22%2C%22ttIEX%22%3A%22366!T6Ib%22%7D&yE3Gt!I=Y&sflct=8353880&ure=1

Protocol

Security

QUIC, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=3u%7CH%7Cn*9A&JF=YfYYY(sW758(7(UYUU8&)an!=Y&3tnL=i&IaJ=YYsW&EtI6=wUU5&IFa=smB5(NBs9&InIa=UajmpxDuWm-db6fbB5hcGS%3D%3D&I!Fa=YWWWYU(U5&tF46=8fiA(Wi&II=K9&tI=29&Iyh3=2SrN1uV&nFa=s.1WcwveU&EnFa=vWfx9im&yEEnt=Y&!!!=E4rOywIGOwsoTfIlCR74Y6XOU9fuJPIsIocoFuQhTj2sV1cObu8X0Jh4R)a4scR1GjeI6nFTJ2)kvULpFN3B0tPJjFhJD9G6&ht6=W&Gq=Y&P)a=U&LaEY=smB2W9uUs&LaE(=YiY577WYU&TaLEL=zTARG6h%3DY(57zTyn%3DizTFa%3DiMY5izTARLhI6tEl!%3DiO7_(iOUzTARLth%3D7YYi7zTAR6An%3DizTAR)FhtP%3DizTARFhE3a%3DizTAR!y%3DUfK9enZs2~zTAR!nI%3DiiiiiYYzTARtF46%3D8fiA(WizTARE3LA%3DsizTARE3GRtPCCFA%3D%2FzIFEX%3Du9Buoxrm29uzIbRCG%3DizaI%3D)InO6POq6tEYOTza33RaY%3Diza33RaYi%3Diza33RaY(%3DYza33RaYU%3Diza33RaYW%3DYza33RaY5%3D7za33RaYf%3Diza33RaYs%3DWiza33RaY8%3DYiiiza33Ra(%3Dvza33Ra(Y%3DOYza33Ra((%3DiMi5za33Ra(U%3DWza33Ra(W%3Da6CRa6Cza33Ra(s%3DWza33Ra(8%3DiMiiza33Ra7%3Diza33Ra7i%3Diza33Ra7(%3Diza33Ra77%3Diza33Ra75%3DuSza33Ra7f%3Dvza33RaU%3DYiza33RaUi%3Diza33RaU(%3Diza33RaU7%3Diza33RaUU%3Dn!laza33RaUW%3Diza33RaU5%3Drza33RaWY%3Diza33RaW(%3DiMiiza33RaW5%3Diza33Raf%3Diza33Ras%3Diza33RG%3DiMi5Wza33R3Y%3DiMi5Wza33R3Yi%3DYMiiiza33R3YY%3DiM8f7za33R3Y(%3DiM7WYza33R3Y7%3DYMiiiza33R3YU%3DYMiiiza33R3YW%3DiM88Uza33R3Y5%3DiMYiYza33R3(%3DiMYsUza33R3(Y%3DYMiiiza33R3(7%3DYMiiiza33R3(U%3DYMiiiza33R3(W%3DYMiiiza33R3(8%3DYMiiiza33R37%3DYMiiiza33R37i%3DYMiiiza33R37U%3DYMiiiza33R37W%3DYMiiiza33R375%3DYMiiiza33R378%3DYMiiiza33R3Ui%3DYMiiiza33R3W%3DYMiiiza33R3WY%3DYMiiiza33R3W(%3DiMWs7za33R3W7%3DYMiiiza33R3WU%3DWMiiiza33R3WW%3DYMiiiza33R3Wf%3DYMiiiza33R35%3DYMiiiza33R3f%3DiM7WYza33R3f7%3DYMiiiza33R3fU%3DYMiiiza33R38%3DYMiiiza33R!%3DiMYiYz6R!n3%3DiMi5Wz6!n3%3DiMi5WzyI%3Di%20%2B%20izFyL%3DizFEXn6%3DS..u9pBcz3)F%3DYUWifisYz!RII%3DK9z!RFn%3D(YfMYYUM(YsMiz!RtI%3Duxz!Tl%3DWR7z!6CRIhE%3Dizt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztEa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LzJT!%3DizJFtFTFGFEX%3DizITan%3DiMiUUzFEXn6RFa%3DY5zt6GG6!REL)RFa%3D%2FY(YY%2FT!ME6!!LM3LFG%2Fyl36%2FILT6I6F!LztPnnGXREL)RFa%3DYUWifisYzJF6qLTFGFEX%3DiMWs(5Y7znlt%3DizIL!!F6!xa%3Dizl)TFa%3DiMY5iiiizTCG!%3DiMiiiztPFa%3DzaEI%3D6PRT6za33R6!n3%3DCLGt6za33%3DyL!3lhXzTanILna%3DizaLG)%3DPhFtlhY(zFhtG%3DiztlTn%3DzyE3G%3DYzaIPE%3Dfizal)T%3DiOYzFTI%3DYzzht4%3DYzE)t%3D8fiA(WizTtT%3DYzTtn%3DOYzE3A%3Ds7z3ATbE%3Di&hEJ=i&Fq=8fi&FhxC!=Y&Ta!xa=U5(&TFa=7U8i57&3IC=5s(7f&Xatn!=Y&bLEn!6=Y&bLETFa=OYi7&ILal3LFh=E4rOywIGOwO!n5N7IAXxs9~NrU)oUObq!lRL4ZfNc9B%3D&XnGn=Y&FtFa=W&LaJ=NX%20~6tE%20c6L!Iy6t&LIE=.~xCd%2FSh!6d6%2F!4uuu!AhUSLPhuPu7%2F~~4%2F&n)Fa=nif(ifsU(8WE(i(Ui7((Yf(s&ttGa=%7B%22ttFn%22%3A%22(YfMYYUM(YsMi%22%2C%22ttII%22%3A%22K9%22%2C%22tttI%22%3A%22ux%22%2C%22ttIEX%22%3A%22366!T6Ib%22%7D&yE3Gt!I=Y&sflct=8353880&ure=1
Origin: https://contextual.media.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 23 Mar 2024 17:28:57 GMT
date: Fri, 22 Mar 2024 17:28:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 21704
quic-version: 0x00000001

GET
H3 200 bql.php Show response
lg3.media.net/ Frame 6E08 15 B
37 B 54ms
54ms Script
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6845&&vgd_canary=0&vgd_l2type=scs_newfl&fp=JpddXl4AHa6hX6SGgSP2j1X9ZoZvftdEUcTNZfNBzPrWwSVWYeNkUISenrH5lD6puEn7i5WteU8Hu1dORCA0mAI3bISNhDJp5HxFv4zxmzje1omfhPPX26Gy6Y3llerrKw3VwuiRtHiP69SV2qbjk_sjf5jN5bu8slOAbqw1grY%3D&cme=XTPIHKwcNedz8LFcrb6D-i4JCXs9Cn_azRu4Goos8jN5bSO5k4Z8BQt58EC7iUIAPcAMXK6BUR2F6aDkfAWR0frpuVwHVc_vvaEcwXyT1x5JrgEQLgYcRiLx8aIijePmi70vsjSXUkvTSaR2FlqmBvme5doSDCKHzPhlceAlQTyCXZLtqv0wo9PlQInZfoPOiMScAieRRcgPEOqz6Q5Gu8xt0dIlM_i4Un_uPIw6OJL5gBjOZ6cvqNiTiwXsn0E0PJQITYIFbK0givTUE7EsWQ%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CGG1LUuSpt_HXk_CSuA4rn2a-OdVJKVtiduzistYR-CeyhB0Uo5AjNkKJqfF6ZtUeMtiFBkpF6yMr1pLOXmkZ4T2_tJHpW1G_TXqQDViL_OIjeUi5OCt0rCTUbiLXbRAvO-hN-HY7lerJJkyoXXmBg3VAFbnaWERp65F6McRhKbq6UQ0_TIMChreg1l4NJckPH13lL52ptEVZw8whS_xPZ1JpV7jAzebsF6WMaKDddGYFnB6sPJkvV18SswkRyv5SwbAW50l0NBrrylaus3NA9PSfJ_3lLZ4Wop80A-rQOizbAtgjV3BjqQ%3D%3D%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7rjx8tRKgKBy5N9s20KnXrX5FuwkCu8id3YP3X2lFe4Z3HZkBm9NaQrQx5ELna6VxqjoPReLn216-zesS8WkbP2lYflmnJ04Y%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Die+10+besten+Aktien&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=329506286&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.1020%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D1.94%7C2%3D4.83&ktd[]=274894881024&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0732%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D1.31%7C2%3D5.49&ktd[]=274894881024&kwd[]=Immobilien+bewertung+kostenlos&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=866725235&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0563%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D0.23%7C2%3D3.44&ktd[]=274894881024&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.1062%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D3.24%7C2%3D14.67&ktd[]=4503874522251520&kwd[]=Wohnungswert+ermitteln&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=866725255&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0558%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D1.01%7C2%3D3.31&ktd[]=274894881024&kwd[]=Wie+Viel+Ist+Meine+Wohnung+Wert&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=866725253&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0563%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D2.34%7C2%3D12.10&ktd[]=4503874522251520&kwd[]=Kostenlose+mmobilienbewertung&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=866725238&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0406%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D0.90%7C2%3D2.17&ktd[]=4503874522251520&kwd[]=Wohnung+verkaufen+berlin&kwt[]=391&kbc[]=1262271193&kwp[]=8&kid[]=866725254&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D032211%7C13%3D0.0561%7C14%3D032213%7Ckus%3D5.0000%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.533%7C1%3D0.64%7C2%3D2.81&ktd[]=4503874522251520&v=1&gdpr=1&geo=50.6%7C12.3&dlper=20&lper=100&lpid=&tsid=15062&hint=&cc=DE&wsip=170774818&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22YJJLGJNU%22%2C%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQQN%22%3A%22IV%22%7D&cid=8CU62MU8E&vi=1711128536923241449&vsid=DefVid&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_act_status=1&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=2&vgd_tsce=L446-S446&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=26522&vgd_nrrmf=303000c80a&vgd_nrrsf=scrr&vgd_cty=reichenbach&vgd_ifrmode=13&sttm=1711128536856&upk=1711128537.26016&hvsid=00001711128536856036481827847004&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1711128536190757882&vgd_ecrid=435408724&vgd_isiolc=1&kbbq=%26asn%3D31103&vgde_ydsp=%7B%22QEx%22%3A%22XuWX~9%22%7D&vgd_mcf=68237&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvufFA~GwEv9~G8Ov9.uF9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999uu~G-MQ8lJvih9-fX9~G-M7Y1-vW9~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FX~OYYMYuv9.9FX~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.AXu~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiH~OYYMYuFv9.u9u~OYYMYfv9.uWH~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.XWA~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXu~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.u9u~JMLEYv9.9FX~JLEYv9.9FX~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9Wu~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~eGLv9~e8Q8G8j875v9~NGOEv9.9HH~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~QxEEj5M71yM8OvuHX9h9Wu~e8JB1G8j875v9.XWfFuA~EmQv9~N1LL8JLVOv9~myG8Ov9.uF9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vh9~OmyGv9ou~8GNvu~~zQlvu~7yQvih9-fX9~GQGvu~GQEvou~7Y-vWA~Y-GU7v9&vgd_cfud=230710&vgd_scsver=436&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=970_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1185&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001711128536856036481827847004&rc=0&rand=1711128537275&acid=a40c54527fe50ede2a7b9bd43b5cec04&matm=1711128537275&vgd_ltimesrc=1&vgd_ltime=684&vgd_rtime=658&vgd_etm=5&vgd_l1hcsd=S5h9m%7C1870&vgd_l1ch=1&vgd_lhl=1241&vgd_pgid=p0720784295t202403221728&vgd_csip=rtb-common-6ff4d9c958-v74ff.BE&vgd_sbSup=1&vgd_nrrs=26522&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F1211%2Fbr.terra.mail%2Fhome%2Fcabeceira_0__container__%7CDIV-mod-footer&vgde_cdeplbl=1E8Mzm7M1e18j1GjJ&vgd_eadm=1&vgd_end=1

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 22 Mar 2024 17:28:57 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 61ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: maillterr2a.imboxt3erra.dynv6.net
URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:24:20 GMT
content-encoding: gzip
age: 18277
x-guploader-uploadid: ABPtcPoyu0wXNmbMUctZcNxdEdPH44ujwwmU8GJmO7cH-vjVEgr7eswUZLevJk6fK9uElJyLrnE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sat, 23 Mar 2024 12:24:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
65ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccd1a05d8f01a694d2b63b293a45e2c1985cc36cdaa02c17adf2b48365d4f151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12440
x-xss-protection: 0

GET
H2 200 menu-navbar.min.js Show response
s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_js/ 23 KB
6 KB 74ms
74ms Fetch
application/javascript 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_js/menu-navbar.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: c742fe1454397b333346b9fe2ce4b097418f7403a3150261a904a2b54b89e005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:30 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5648

GET
H2 200 theme-default.min.css Show response
s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_css/ 28 KB
4 KB 62ms
62ms Fetch
text/css 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586290/fe/zaz-app-menu-navbar/_css/theme-default.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 2aef9d5cd3b7f763135c7a2e5065923c4c69e2b8112679206d0aba6fb862bff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:30 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3353

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 22ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 02:06:01 GMT
content-encoding: gzip
age: 55376
x-guploader-uploadid: ABPtcPrQfBi31UYAa7zjmo04KtHYXBb-6-bE1oEpzUbrbulsdHvGqXQfmJDonSSL86QbVGVqU8ggyBNUJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sat, 23 Mar 2024 02:06:01 GMT

GET
H2 200 trk
tt-10969-0.seg.t.tailtarget.com/ 70 B
647 B 206ms
125ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:bratargetdiversidade:1&tK=1711128537&tM=direct&tL=direct&tN=direct&tY=3&tZ=697747022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 191ms
136ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
505 B 198ms
119ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: ff0cd05e27929098f66a6e62ef938527f24fa52284c075b3ebda4772d605dd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02FD 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 10:24:25 GMT
expires: Sat, 22 Mar 2025 10:24:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 02FD 40 KB
16 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 12:05:14 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 128 B
551 B 126ms
125ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=4&tU=0100007FD9BFFD65C906EF590246041E&tX=b.52&tZ=144559304&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: bb28d75d3285c675665eb8af682e084b306c8fdb173553a70824ed42c475fbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02FD 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZW83dA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 log
hblg.media.net/ Frame F314 35 B
191 B 30ms
29ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAABAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGI1MWE3ODg5M2Y5ZTVlMjQ4NjA5MDIxODI1OWU2YzA11Lf2YJwHBERFQm1haWxsdGVycjJhLmltYm94dDNlcnJhLmR5bnY2Lm5ldBI4Q1VINUVONDgQMTQ1MDcwOTAOMzAweDI1MApldV9iZTI4Q1U2Mk1VOEUtNDM0NTUzMjM2LTEyLTI4BDIzEEFQUE5FWFVTEjhQUjExM0pHQwY0NjIAEDE0NTA3MDkwAjA8cnRiLWNvbW1vbi02NTU3N2M4ZGM4LXY5Nmh4LkJFEjQ4NjY2MTY3MAIwACABEEVYQ0hBTkdFAgJi&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-100-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
H2 200 log
hblg.media.net/ Frame 30B5 35 B
191 B 29ms
29ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAABAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGE0MGM1NDUyN2ZlNTBlZGUyYTdiOWJkNDNiNWNlYzA01Lf2YJwHBERFQm1haWxsdGVycjJhLmltYm94dDNlcnJhLmR5bnY2Lm5ldBI4Q1VINUVONDgQMTQ1MDcwODEOOTcweDI1MApldV9iZTA4Q1U2Mk1VOEUtMTU1NTE0MjQ2LTEyLTIEMjMQQVBQTkVYVVMSOFBSMTEzSkdDBjQ2MgAQMTQ1MDcwODECMDxydGItY29tbW9uLTZmZjRkOWM5NTgtdjc0ZmYuQkUSNDM1NDA4NzI0AjAAIAEQRVhDSEFOR0UCAmI&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-100-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 22 Mar 2024 17:28:57 GMT

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 88 B
312 B 55ms
55ms Fetch
application/json 2a02:26f0:780::5f65:36d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=Teams&country=br&env=prod&format=json&group=web&scheme=https&standalone=true%3Fv%3D5
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1704721903504/fe/zaz-cerebro/prd/scripts/zaz.min.js?standalone=true?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: acefce6852ea3b66c75784de53d12e3dc7e494fea3409fa5c154432058eb4c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:57 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: STALE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 86
x-includer-uuid: 615cb414-2a36-4f76-8e28-824a2fc68af2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F314 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubqjGmWvLIS7IPAxV6ENYpIhdqUj5Gb1RLu4AyIEfje04wFoRYcTtkURN8OAKEEOAcaC2tb_noQ9Sboeq4jqad7igx_WclHcwGac4708mfuN44EOcCI9UC0aTSbBYEVWbiPI7PGEZXpghbcWD49xMSspFFDbdpQ2HnQ8RT&sig=Cg0ArKJSzNguMV9AZ3upEAE&id=lidar2&mcvt=1000&p=446,333,700,633&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3904963271&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=706133600&rst=1711128536515&rpt=434&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca Show response
tt-10969-0.seg.t.tailtarget.com/ 99 B
134 B 120ms
120ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=67822848&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6569766813c1967cd49f2685aa30bbcb4517126af887bcae04092d26ade399b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:58 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame F314 0
998 B 25ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QL_BOh_AgAAAwDWAAUBCNj_9q8GEIurpaOOybmPGRgAKjYJgCxEh8CRvD8RAlpL5RNQtD8ZAAAAYGZm5j8hAg0SACkRJPTEATEAAADgUbiePzDSuPUGOPpPQJUJSGBQpryH6AFYs8FrYABo2LOGAXjs1wWAAQGKAQNVU0SSAQNCUkyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMjQ1MjM4NTk5NjQxNDc2NTYzMl9zYmlkGhMxODEwMTM3MzAwOTkzNjYwMjk5Igk0ODY2NjE2NzAqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEpryH6AGIBQGYBQCgBcCUx8OggqiEIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPxYPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAE2FQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfs1wXSBw0JEScBJgzaBwYIBQm44AcA6gcCCADwB-GXAooIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=94fc5d34b24f2211d0123df298df561d80720cad&type=pv&jm=1003&px=333&py=446&bw=300&bh=250&sf=1&sid=5977856541857905218&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507090&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
an-x-request-uuid: 17d122c9-4485-4536-bf2d-b1dd7f1d9bf0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30B5 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufSbjr82Tvqfw2c3_Wfjdov-h6pmoQJTGu6lIjszF1j8tApE68jHMaweW_F9ZKqAhQXf3fxGM4iMqDG0O4KBrCmrgnfmGDlwtvsf7YVlHN_RBpZKPzNKYWGunr73OPMx6awErsB68eU9rC15nxZNFN3gPKdpBWf7Y1PzcD&sig=Cg0ArKJSzFqQ5YRKcrxwEAE&id=lidar2&mcvt=1000&p=711,315,965,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3023070111&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=706133700&rst=1711128536542&rpt=508&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 30B5 0
998 B 25ms
25ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&e=wqT_3QL-BOh-AgAAAwDWAAUBCNj_9q8GEJXP-omhz6WmJhgAKjYJx7q4jQbwpj8RXnKSnAJPoD8ZAAAAQOF6AEAhXg0SACkRJPTyATEAAACgmZnJPzDJuPUGOPpPQJUJSGBQ1J7PzwFYs8FrYABo86GFAXjC2wSAAQGKAQNVU0SSAQNCUkyYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC4qNO6gJGaHR0cHM6Ly9tYWlsbHRlcnIyYS5pbWJveHQzZXJyYS5keW52Ni5uZXQvdGVycmEvdGVycmEucGhwP3JhbmRvbT0yODk0N4ADAIgDAZADAJgDF6ADAaoDQRIYMzcxNzczMzM5MDE4MTMxMTQ0M19zYmlkGhMyNzU5NzQ2MTIyNjkwNzY2NzQxIgk0MzU0MDg3MjQqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATUns_PAYgFAZgFAKAF08f22qLagswzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjJtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwtsE0gcNCQAAAAABLhwQABgA2gcGCAUJuOAHAOoHAggA8AfhlwKKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=f8eb6e897dff59827147067c40f4f50e23721765&type=pv&jm=1003&px=315&py=711&bw=970&bh=250&sf=1&sid=5977856541857905218&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14507081&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
an-x-request-uuid: 7c736d9d-89d0-4a80-a67c-585923133534
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://maillterr2a.imboxt3erra.dynv6.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 166ms
125ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=___de_1711128537825_3648182807&tJ=CA6935,CA4723,CA4729&tQ=bratargettecinformaticaapple,bratargetdiversidade&tU=0100007FD9BFFD65C906EF590246041E&tX=b.52&tY=1&tZ=252665045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 bqi.php
lg3.media.net/ Frame F314 15 B
15 B 32ms
32ms Image
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2521&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L446&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=350635&vgd_cdv=1185&vgd_cage=1&vgd_rensize=300_250&vgd_ren_page_h=1200&vgde_bdata=~G-MjJzvufX9~GwEv9~G8Ov9.Au9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-fX9~G-M7Y1-vWX~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FA~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.iiW~OYYMYufv9.AXX~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiA~OYYMYuFv9.uAA~OYYMYfv9.uhF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYHAvF.WWf~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.AXH~OYYMYXAv9.uhW~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXX~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.fuH~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9i9~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSQu~eGLv9~e8Q8G8j875v9~NGOEv9.uuu~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSQu~QxEEj5M71yM8OvuHX9h9i9~e8JB1G8j875v9.AXHfXA~EmQv9~N1LL8JLVOv9~myG8Ov9.Au9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vFX~OmyGv9ou~8GNvu~~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vWF~Y-GU7v9&vgd_lbt=1000&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=434553236&rrr=tzR-hLcl-L8Kb7cof_3z1ey-4E7Nvuc8cKSKiNWnbFH8YOS-kN9yZvnz_gdz8S_OlFQcepibvHgJT4aXiMmUZsuvFinvGEle&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vi=1711128536564373464&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1711128536806&l1ch=1&l1hcsd=l1!S5h9m|1870&buid=350635&sttm=1711128536817&upk=1711128537.27981&hvsid=00001711128536817036481827843558&acid=b51a78893f9e5e2486090218259e6c05&verid=3111299&infr=1&stime=1711128536618&tsrc=abtest&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1711128536192947933&vgd_sc=HE&vgd_ecrid=486661670&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0720784295t202403221728&vgd_pgids=1&vgd_end=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 22 Mar 2024 17:28:58 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Fri, 22 Mar 2024 17:28:58 GMT

GET
H3 200 bqi.php
lg3.media.net/ Frame 30B5 15 B
15 B 41ms
40ms Image
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2541&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L446&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349063&vgd_cdv=1185&vgd_cage=1&vgd_rensize=970_250&vgd_ren_page_h=1200&vgde_bdata=~G-MjJzvufFA~GwEv9~G8Ov9.uF9~G-M1zNJQ7mLv9oA*f9oH~G-M1QzvAuu9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99999uu~G-MQ8lJvih9-fX9~G-M7Y1-vW9~G-M7YjMQxkk8-vS~N875vI4PICVD%3Dq4I~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9F~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9FX~OYYMYuv9.9FX~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.AXu~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiH~OYYMYuFv9.u9u~OYYMYfv9.uWH~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivu.999~OYYMYH9vu.999~OYYMYXvu.999~OYYMYXuvu.999~OYYMYXfv9.XWA~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.AXu~OYYMYhAvu.999~OYYMYhHvu.999~OYYMYivu.999~OYYMLv9.u9u~JMLEYv9.9FX~JLEYv9.9FX~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~Yy8vuHX9h9Wu~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNvIV~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~Q7OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~eGLv9~e8Q8G8j875v9~NGOEv9.9HH~875EJM8OvuF~QJjjJLM71yM8OvSufuuSGL.7JLL1.Y18jSwmYJSN1GJNJ8L1~QxEEj5M71yM8OvuHX9h9Wu~e8JB1G8j875v9.XWfFuA~EmQv9~N1LL8JLVOv9~myG8Ov9.uF9999~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vh9~OmyGv9ou~8GNvu~~zQlvu~7yQvih9-fX9~GQGvu~GQEvou~7Y-vWA~Y-GU7v9&vgd_lbt=1000&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU62MU8E&crid=155514246&rrr=tzR-hLcl-L8Kb7cof_3z1ey-4E7Nvuc8cKSKiNWnbFH8YOS-kN9yZvnz_gdz8S_OlFQcepibvHgJT4aXiMmUZsuvFinvGEle&requrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2Fterra%2Fterra.php%3Frandom%3D28947&vi=1711128536923241449&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1711128536852&l1ch=1&l1hcsd=l1!S5h9m|1870&buid=349063&sttm=1711128536856&upk=1711128537.26016&hvsid=00001711128536856036481827847004&acid=a40c54527fe50ede2a7b9bd43b5cec04&verid=3111299&infr=1&stime=1711128536623&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1711128536190757882&vgd_sc=HE&vgd_ecrid=435408724&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0720784295t202403221728&vgd_pgids=3&vgd_end=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 22 Mar 2024 17:28:58 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Fri, 22 Mar 2024 17:28:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403190101&jk=1798310732479405&bg=!TE-lTwDNAAZaswqNerM7ADQBe5WfOPI-OW390pRkCy_d9TSRwy3UXYMMJJ7VK4NCwrChJoR4M-EFKJIXbUVsg03s476jAgAAAEJSAAAAA2gBB34ANRlHS7W7h9T0ilLPvn1UbdUUfbDysvGk5lI5hjwA9kwV4rqC6zka3_IgkLLXGc0cf-tDUnIHmQKCvVXoKgjyqUVgKy-6pUWJuuYzxk3bjiawlCrT2Nlrr6v80iHB4ECuv-xzRDP5E-kavq4nf-x4ag44aD9NnvbJxpYDY9uo4kK8vcZUbrsgy-kvOVFkz5_sRabXBK-Vp-eRvvZgny8oMAIaPqHe9e_ZUcuTT4AzQPiFNatEiu0E1XiSYAf0ylhrcC28qXa11b3CzIDSeaRs2MXuOupqAmi2DPwaooP-zDKuNMAJo4-nSkvLBwTceFVRZNpxvR8xrhi_t8J0-lsdsH4Tji4Il35fWePcbxkJeueeYX-Tna16peQEZajjmRY8bgEdz3P1No5Vs8oxcwXvJOb19RkDnee6g2ZTKeC0wVGhB0Ac92EIEulbkp9JahMnCQtkemoRqudIWOBhuykkz6XCfNb7vlj6sd7ATc59uiMMXnggk1ozIOR-bZFGnnoFzSUxC5jh1h2PgMoMv7PY4WHr3V60gpZe6l8KpzftYiZQS7O0IHj9LxBXxgnhPfyXbFCKHe4GCcOrnjGQYuqgGVmUcU_3BHEpi89euD7L5k4d0unPDieuMhAj5HykrH_Kd-eAbICFV4uw7wSp4y4Y6BwLPHxNexmt-q5ZNwLm08wMmlRoDjWTBvq-bYH_9IPwDC_HP6vOqmYso-x0XIV5MzaIZ_lwx-7V1Oe2Zx--7MrhuNfKATYJPj8XoxfflVEMp_tgf0uDuFfiPuR_gQiKtQQGahIZjigPUgoaRSosBqL4ohcpx_9s_rlWVG1FCbhyMay8OAeiZrB1tEHxWGn7DWXF6_cpPJcK8q3-oQPxiyXUyqSNzvbgCbp4ThjxGNMzixlhDnSlc9kRox-_47pBZBf9IEWdZmMDuYzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 147ms
69ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1706292308/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Mar 2024 17:28:59 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CE08 14 KB
6 KB 102ms
34ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=maillterr2a.imboxt3erra.dynv6.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://maillterr2a.imboxt3erra.dynv6.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 17:28:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 412910
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 108ms
42ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maillterr2a.imboxt3erra.dynv6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:28:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Mar 2024 17:28:59 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CE08
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=imboxt3erra.dynv6.net&sn=ChromeSyncframe&so=0&topUrl=maillterr2a.imboxt3erra.dynv6.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LO5GAHxSdlV6clBiaXBBb0x6aklEU0tMREN2MllYNUswaHZUZXkyR1dWcVF1NUwvVmNWK1NCMWo4cytqSVRzTnFXc1FDTElrSnF6S3p5TkZvV1d5YTk0TUFsUm5RYlkzMmdycTJQZUFKSDJCMjlRR2dIR251RlhKOUVLS3...

444 B
668 B

35ms
34ms

Fetch
application/json

2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LO5GAHxSdlV6clBiaXBBb0x6aklEU0tMREN2MllYNUswaHZUZXkyR1dWcVF1NUwvVmNWK1NCMWo4cytqSVRzTnFXc1FDTElrSnF6S3p5TkZvV1d5YTk0TUFsUm5RYlkzMmdycTJQZUFKSDJCMjlRR2dIR251RlhKOUVLS3U2THVsVDNqMEh3NE5wek1PQU1LbkFMcUVGZXcwNU4vdGdFUGhSL0RwTWVoam5CL3RtRzV1Q3FscXVCYTZsa0R3MEVTV3BIV0ZTandmOEhGL0lObjluM3duWVVnQkhJODZWdEJ0NmNkOGx1V2xlQ0VzRkVFczh0b003NWF4dFpjdkNzb2VSNFllK1pWeFRPM0RGR25UbGx0ZkdmdEc3cUxkM29ScSt4VXVESFJ2Q2pGZlUxST18&cppv=2

Protocol

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

03ab6a44dc49ae0280bd7723267b237de47bb63949330aa645d104799d91bd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1128376
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:28:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LO5GAHxSdlV6clBiaXBBb0x6aklEU0tMREN2MllYNUswaHZUZXkyR1dWcVF1NUwvVmNWK1NCMWo4cytqSVRzTnFXc1FDTElrSnF6S3p5TkZvV1d5YTk0TUFsUm5RYlkzMmdycTJQZUFKSDJCMjlRR2dIR251RlhKOUVLS3U2THVsVDNqMEh3NE5wek1PQU1LbkFMcUVGZXcwNU4vdGdFUGhSL0RwTWVoam5CL3RtRzV1Q3FscXVCYTZsa0R3MEVTV3BIV0ZTandmOEhGL0lObjluM3duWVVnQkhJODZWdEJ0NmNkOGx1V2xlQ0VzRkVFczh0b003NWF4dFpjdkNzb2VSNFllK1pWeFRPM0RGR25UbGx0ZkdmdEc3cUxkM29ScSt4VXVESFJ2Q2pGZlUxST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 249887
content-length: 0
expires: 0

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET json
gum.criteo.com/sid/ 0
0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame D5E1 0
0

GET checksync.php
contextual.media.net/ Frame 0157 0
0

GET usync.html
eus.rubiconproject.com/ Frame 2E8F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2F&domain=maillterr2a.imboxt3erra.dynv6.net&cw=1&pbt=1&lsw=1

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmaillterr2a.imboxt3erra.dynv6.net%2F&domain=maillterr2a.imboxt3erra.dynv6.net&cw=1&pbt=1&lsw=1

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13911

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imboxt3erra.dynv6.net/	1970-01-21 04:54:48	Name: _ga Value: GA1.3.475755074.1711128535
.imboxt3erra.dynv6.net/	1970-01-20 19:18:49	Name: _gat Value: 1
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 20:02:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
prebid.media.net/	1970-01-20 23:38:00	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 04:04:24	Name: khaos Value: LU2XR0HO-10-DFYA
.rubiconproject.com/	1970-01-21 04:04:24	Name: audit Value: 1\|yQuirGeEF6B8ewDQEpDGe7U1ZxogGjlwOA+xFj1I9se7SBgs1/kytQAQ3r6Ibwy1j5mwafEPcKltfB40hfkjVLXGStqOIbbZT/UlBGIwfit6qeRjPEkig2LjXDfUXbeXIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.adnxs.com/	1970-01-21 04:54:48	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:28:24	Name: icu Value: ChkI-ueGARAKGAEgASgBMNj_9q8GOAFAAUgBENj_9q8GGAA.
.adnxs.com/	1970-01-20 21:28:24	Name: XANDR_PANID Value: dxALBMiiwrPP-XdGVyzBloj-g4esEsNtNeyaj_B0-_ZIW0pvgmY3BqIDyfGRP0aVX35cvCee3gzJapiqrchEG5_XYoR9-qd6FoSXVjY22d8.
.adnxs.com/	1970-01-20 21:28:24	Name: uuid2 Value: 3875903186615627980
.yandex.ru/	1970-01-21 04:54:48	Name: i Value: Vwds5tmR0SQxkYygxmaedsNIU6AeQ81WpUR32GZkrpue1oAdPGOCaXqeEwj+Dlm5m/6JmbCZoSFBzUCCF81KpbzIiuQ=
.yandex.ru/	1970-01-21 04:54:48	Name: yandexuid Value: 6030559221711128536
.yandex.ru/	1970-01-21 04:04:24	Name: yashr Value: 6388826931711128536
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 19:18:50	Name: tt_c_vmt Value: 1711128537
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 19:18:50	Name: tt_c_c Value: direct
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 19:18:50	Name: tt_c_s Value: direct
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 19:18:50	Name: tt_c_m Value: direct
maillterr2a.imboxt3erra.dynv6.net/	1970-01-21 04:54:48	Name: _ttuu.s Value: 1711128537509
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 20:02:00	Name: trk Value: xFt8p5z7xq3XNtnckTOfDXPM2nTqFHDvK22AfFXVwvaGUF3g4FnGUksaf+rtohnnRSck4I1OkG8smHuDNPAVtQ==
.t.tailtarget.com/	1970-01-20 19:21:41	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 04:04:24	Name: u Value: fwAAAWX9v9lZ7wbJHgRGAgB=
maillterr2a.imboxt3erra.dynv6.net/	1970-01-21 04:04:24	Name: tt.u Value: 0100007FD9BFFD65C906EF590246041E
.t.tailtarget.com/	1970-01-20 20:02:00	Name: ttbprf Value: ___de_1711128537825_3648182807
.t.tailtarget.com/	1970-01-20 19:18:50	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 20:02:00	Name: ttnprf Value:
maillterr2a.imboxt3erra.dynv6.net/	1970-01-20 19:20:14	Name: tt.nprf Value:
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 19:18:52	Name: ttca Value: CA6935,CA4723,CA4729_1711128538
.t.tailtarget.com/	1970-01-20 20:02:00	Name: n Value: 1711128538

93 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s1.trrsf.com.br/terramail/_js/jquery-3.5.1.min.js(Line 1) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/update-1704722707/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s1.trrsf.com.br/metrics/js/br/content.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/metrics/inc/br/202203110000a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s1.trrsf.com.br/metrics/js/br/content.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/metrics/inc/br/202203110000a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=maillterr2a.imboxt3erra.dynv6.net&ssp-id=10500 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bs.yandex.ru/prebid/3612118?imp-id=1&target-ref=maillterr2a.imboxt3erra.dynv6.net&ssp-id=10500 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13911' from origin 'https://maillterr2a.imboxt3erra.dynv6.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13911 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://maillterr2a.imboxt3erra.dynv6.net/terra/terra.php?random=28947 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86773b6f5340a017dd84af903bdae2e0.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
api.rlcdn.com
b.t.tailtarget.com
bidder.criteo.com
bs.yandex.ru
c.amazon-adsystem.com
cdn.adnxs.com
cdn.jsdelivr.net
config.aps.amazon-adsystem.com
contextual.media.net
d.tailtarget.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fra1-ib.adnxs.com
gum.criteo.com
hblg.media.net
ib.adnxs.com
lg3.media.net
maillterr2a.imboxt3erra.dynv6.net
mug.criteo.com
p1.trrsf.com
p1.trrsf.com.br
pagead2.googlesyndication.com
prebid.media.net
prg.smartadserver.com
qsearch-a.akamaihd.net
s.seedtag.com
s1.trrsf.com
s1.trrsf.com.br
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
svadata.terra.com.br
t.tailtarget.com
tags.t.tailtarget.com
tpc.googlesyndication.com
tt-10969-0.seg.t.tailtarget.com
warp.media.net
www.google-analytics.com
www.terra.com.br
acdn.adnxs.com
api.rlcdn.com
contextual.media.net
eus.rubiconproject.com
gum.criteo.com
13.224.185.120
13.33.221.174
151.101.129.108
178.250.1.8
18.244.18.32
18.245.31.123
185.86.139.116
2.16.164.41
2.19.100.239
20.15.107.238
208.84.244.116
208.84.244.97
23.212.88.20
23.53.232.23
2602:803:c003:200::21
2606:4700::6810:5714
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:830::2001
2a00:1450:400c:c02::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:780::5f65:367b
2a02:26f0:780::5f65:36d3
2a02:6b8::90
34.102.185.99
34.120.63.153
34.149.50.64
35.201.123.184
37.252.173.215
88.221.124.22
03ab6a44dc49ae0280bd7723267b237de47bb63949330aa645d104799d91bd83
0442c95ddc83162ac9b126fbc73882a437803a7ebef2718bc7ed897ba44950fe
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071b5baf0748a6a8a8e11834af2fd7f4690bc454c64a73b01df37d3d2a07dec5
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0f959222ac5827d10e5cb09093bde3ff4c7e0fcdcb2e0e06c8e39a0e3983ed36
12babe247baab793f01ca219842013d73c438a5fed0c0889a5396afc1c54f5c5
153c1c2de7827bcb0c9ccd669e5b2e7bae13f7e8e934f3cf0b6dd513a16c21bf
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251
189d97907f24a96a47f040fbdacb4f930d1ff41675ac96b659d2cb3eb607d095
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1c121844f01c8abb42eb2dfe4273e2b43b69269484c79290af05dfdc1d71f501
1e5047e5dbbf23c54dc88d0941cb9e4b6886c0a210d46504ba9891d4d9dd1192
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa
21396c6e3b051e5d6f443dd75bd113c0d5381dd7b29f183acbd4b1cc5376602b
22aa459d51cac5740dcd86312752b5c640162337d7c8d5791811772804d45ea5
25757a06c79fa8159f621f785b1b052016b65be2f1994ce7346b22af4aa18ec5
25c87a8baa88fc684b19e41a017f6a1d17d30d7d14ec93511d3e0b4c4bdced9d
29eebdc70407f985205302ac77f68545c06766a6031748e920f5643a63fc1470
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2aef9d5cd3b7f763135c7a2e5065923c4c69e2b8112679206d0aba6fb862bff9
2bdc242f8afad2131cb05e2e3288c34d1f6a677452331c1f5b478193f754b9e0
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
34635e7ad0b3cdf7f198469f6257deac45dba8ce6c9cb963f7f35cc07278d251
348b67f2de749b5738ecd616db955265833e209759167e23c17054c0fbd6549e
3940a2bf06afd3626a18a1adc9f89ffa8bf90dceac97952e4b72293da528673d
3dff9efd4a6d72287b4d30593d1592b349cd42eeda64ce35af90dc46d90166eb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a894b0c4a2f4c3fff8bc316a7ad3527f61464b0f7b70d211fefbf52e0b765ee
4e9db79d89e736ab849a0fdd4049771badee9d6011c514b473424b4f514e7247
4fed25c522546f1b2e83ec7d466da2382d7ebac5c10ce2d77605b2796f3572eb
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562003ec2a8e3f8395e2b490fb8ee1bf321c5c6d0e9edd1f0c3e8ef89fa2d82c
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e
59131bbe55395a9cf6f2871f1b2013b21f3b1b3cb34bb70a187e561a63eae678
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5b54b663a68ab50eec6da294a8aa6b06e57b619c26bc12d7d7fa2c3701f913e0
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
5ccf5111a2cbcf008839254bfa2b13e2562eb3d98752b3b302f16ce3cbf50914
5d970b83432bf2f958098a7ab5df58a7329c26fd9fe5d6c63eb854a12b332ce1
5f3fe6682c31fbff40aa193c0d3554e2e69c800e40ad758ab6783ce184d8b4ca
60030481be95c8052a5043bd0ebb13ef16e6254b6e86b8dfe5001590cfafc681
618d53e93c8d89a321615fad5da731d8466ee2c5b06478d6e7ea19fae5edba5c
61b7324118b3e3a2d3146e82daa175edbe0533632093f53added63f3d0b906e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62aead83b721830f4ae3ea138ca2bcdae8a7b9c69d1b921834c3a8088ba4d2b9
6569766813c1967cd49f2685aa30bbcb4517126af887bcae04092d26ade399b1
663f70e65e2eb7f65ebe67512f26aba6633027a184560dc0727ecc3f50fb96af
6e3708c910f964a2a8afce3340b1499a60d118683abca9a7226932dd8a8d58d1
6ef271b5f7a300d3a082f8f55656f1ae2c169097d0cc5478d69dd5f31f4044ad
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76c2b9a887e2be6c58753422ddc93663051846fcd9955f7a82e9318a9eb4b076
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
7e815e3d30d0653579141531e789a4bb6f47854db0f8c3b446373c44a7cd2087
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
859897c8a33945c743702dbb90ba0526319dfcf548b16dcc033bfb1448237626
85d421f008d25fcb90dba7afcbff1383e695a8aec87653e1ec74d1e01fe09aad
87858c782a7467b170eba7e3adb99b0e244ff3acef532827a97e0a040713f2d5
88d51e3e9ab81a94877ac752acb88bbc9d0b5a045be8b027e09e3718e3dedfff
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8dcb0fcb98f857932586111ae076aa46c7f403fa58107f183ca5b074af3b78dd
946eb995c70a4877c4e5b4ae1d6fe72973c93fb55e93e8ac999aa4cf784e8533
99e6be2e6f35c44979f78f70cb06a47b84150d0d8e9945fce11b9665b4a085f5
9aa7e7037c03e20ffa24aa11807553d1fb0de02cde3fbe30090aa046fac24760
a2a07c6ecbecbc2a84021c2b2ee1502483b401523a6b6bb6f5f709aa5bd1f720
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
a5dc8ebb7a2dbe62e6c45ad27873474b89dfdb5d5c633e2eecae08bad0dcce6d
a60554ac1f86291468a90aa99fdc3ee46fc5d39f2670cd646f0caf708b7d73c5
a675a6920c13fce10dc4569f215fb781cbd955219c304553c7b62d854fe6c694
a7e24f0533599f142ce5fa24301b330a5bb8546cdbebca6a885196e80f5e5a00
aa3b66cc46e7b15d1cdf78e3dc02b9088bc39ed3f230eec1e0678e7e3dd6488b
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428
acefce6852ea3b66c75784de53d12e3dc7e494fea3409fa5c154432058eb4c77
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
bb28d75d3285c675665eb8af682e084b306c8fdb173553a70824ed42c475fbe5
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76
bd7ec13059eb5147ccde9f83ad77e8c2c13922d69264aa1d2ab5022bc5a13c52
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
c53383cb8728b70ab4d2d0b587c860ae1090218ad63c7bd77d2a9fc9a6e1b59d
c742fe1454397b333346b9fe2ce4b097418f7403a3150261a904a2b54b89e005
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb5e0f5b9a14a2bd158f57fd095b43e9c28874ef0ca20ca884bb03252258d736
ccd1a05d8f01a694d2b63b293a45e2c1985cc36cdaa02c17adf2b48365d4f151
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e
cd2fff654b6f817a8d2933754a6492444102e8735c83c256d0a6cb678ce92a2c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26480a38c1de148603009f902429433aa8ca95a8af1b72be0fae1e3ada0d002
de5911c4093cf65affd59f74aa43dae5c6f24146b0ba192431289b8374c9b9d4
de62fb428dc202256cde552926c3b79d7f37cfa7a7ef075e9a77c066698f7353
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e2759ae13ee76196b834eb8481f6631370d0bbf8c08ba2dfb0c40e6957a3e0cd
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c16773695082bff1986622d1321bfe386d2855789da8136527d4cb76c0dc58
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112
e77d4f8d5482bf993e6e1ab83e9b8d44cbdf31b7852059d34afa5614f9e015b8
e804af52cc7879d1dc7ed1505b35d74e7075ff436d50cf64146b474315b846ee
eabfc86cdbab00f4e22509bf746ad775a0b8fb353e55a2fdc9eb1dad1c033238
eb784ac3d8f6b7e1af85aaf341a248344a9dd8ef874442fc3db40efda6ce9d03
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
edc6a89c64d41073eb96c33e359a1f33b22e50b9056d0d92350a36dfa58f04f8
eea45956474d526490902b9c13527ff50bacb0a3a8e0a056abbbb791e454d3bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4270cd8aaa654b7ff6c695b82ce3f8b19464e05ac2f889612c8dd5c54c54936
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd038a3b5887a7211da38f300f043f190119b3d194cccbfc109d10d41ea42a81
ff0cd05e27929098f66a6e62ef938527f24fa52284c075b3ebda4772d605dd94
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

maillterr2a.imboxt3erra.dynv6.net Open in urlscan Pro 20.15.107.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

96 %HTTPS

39 %IPv6

21 Domains

43 Subdomains

34 IPs

6 Countries

1940 kBTransfer

5112 kBSize

28 Cookies

60 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

maillterr2a.imboxt3erra.dynv6.net Open in urlscan Pro
20.15.107.238 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

96 %
HTTPS

39 %
IPv6

21
Domains

43
Subdomains

34
IPs

6
Countries

1940 kB
Transfer

5112 kB
Size

28
Cookies

166 HTTP transactions
6 data transactions